[keycloak-user] oauth limited scope access tokens?

Richard Rattigan Richard.Rattigan at sonos.com
Thu Nov 13 14:16:22 EST 2014

I noticed the following comment in TokenManager:

    public static Set<RoleModel> getAccess(String scopeParam, ClientModel client, UserModel user) {
        // todo scopeParam is ignored until we figure out a scheme that fits with openid connect

Am I right to assume this means it is not possible for an OAuth client to request an access token for a subset of the available scopes? I.e. The OAuth scope parameter is ignored?

If this is correct, is this a feature that will be added soon?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20141113/c6942f8c/attachment.html 

More information about the keycloak-user mailing list