What you can do is limit the scope of a client within the admin console.
On 11/13/2014 2:16 PM, Richard Rattigan wrote:
I noticed the following comment in TokenManager:
    public static Set<RoleModel> getAccess(String scopeParam,
            ClientModel client, UserModel user) {
        // todo scopeParam is ignored until we figure out a scheme that fits with openid connect
        …
    }
Am I right to assume this means it is not possible for an OAuth client
to request an access token for a subset of the available scopes? I.e.,
the OAuth scope parameter is ignored?
If this is correct, is this a feature that will be added soon?
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
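
Added example, not part of the thread and not Keycloak code: because the scope parameter is ignored as the quoted TokenManager comment says, a client owner can audit an issued access token for roles beyond what was requested. The `realm_access`/`resource_access` payload layout, the space-separated role names used as the scope string, and the sample token are assumptions constructed for illustration.

```python
import base64
import json


def b64url_decode(segment):
    # JWT segments drop base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def token_roles(jwt):
    """Return the role names carried in the token payload.

    Audit helper only: the signature is NOT verified here.
    Assumed layout: realm roles under realm_access.roles, per-application
    roles under resource_access.<app>.roles (reported as "<app>/<role>").
    """
    payload = json.loads(b64url_decode(jwt.split(".")[1]))
    roles = set(payload.get("realm_access", {}).get("roles", []))
    for app, access in payload.get("resource_access", {}).items():
        roles.update(f"{app}/{role}" for role in access.get("roles", []))
    return roles


def excess_roles(requested_scope, jwt):
    """Roles present in the token that the client did not ask for."""
    requested = set(requested_scope.split())
    return token_roles(jwt) - requested


def make_sample_token(payload):
    # Constructed, unsigned token used only as test input for this example.
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(payload)}."


# Constructed sample: the client asked only for "user" but the token
# carries everything the client's configured scope allows.
SAMPLE = make_sample_token({
    "realm_access": {"roles": ["user", "admin"]},
    "resource_access": {"customer-portal": {"roles": ["view-profile"]}},
})

if __name__ == "__main__":
    print(sorted(excess_roles("user", SAMPLE)))
```

A non-empty result means the token is broader than the request, so the client's scope should be narrowed in the admin console as the reply suggests.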