Re: [keycloak-user] oauth limited scope access tokens?

I noticed the following comment in TokenManager: public static Set<RoleModel> getAccess(String scopeParam, ClientModel client, UserModel user) { // todo scopeParam is ignored until we figure out a scheme that fits with openid connect … } Am I right to assume this means it is not possible for an OAuth client to request an access token for a subset of the available scopes? I.e. The OAuth scope parameter is ignored? If this is correct, is this a feature that will be added soon? _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user