[keycloak-user] oauth limited scope access tokens?

Bill Burke bburke at redhat.com
Thu Nov 13 16:57:44 EST 2014

What you can do is limit the scope of a client within the admin console.

On 11/13/2014 2:16 PM, Richard Rattigan wrote:
> I noticed the following comment in TokenManager:
>      public static Set<RoleModel> getAccess(String scopeParam,
> ClientModel client, UserModel user) {
>          // todo scopeParam is ignored until we figure out a scheme that
> fits with openid connect
>>      }
> Am I right to assume this means it is not possible for an OAuth client
> to request an access token for a subset of the available scopes? I.e.
> The OAuth scope parameter is ignored?
> If this is correct, is this a feature that will be added soon?
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

Bill Burke
JBoss, a division of Red Hat

More information about the keycloak-user mailing list