On 7/29/2014 11:07 AM, Stian Thorgersen wrote: > Not sure I fully understand. > > At the moment an application has scope on all it's own roles. I assume you mean that you're proposing that it should have a "scope" on all roles a user has? > Yes exactly. -- Bill Burke JBoss, a division of Red Hat http://bill.burkecentral.com