[openstreetmap/openstreetmap-website] Add support for privileged OAuth 2 applications (#3300)
mmd
notifications at github.com
Wed Aug 25 16:04:32 UTC 2021
The overall approach to use a admin-only scopes seems pretty much in line with what I discussed with @Firefishy some time ago.
I was wondering a bit, if the current implementation is matching your sysadmin requirements. Say you want to restrict the user/details endpoint with email details to specific client IPs on Apache side.
Right now, this seems a bit difficult to accomplish. I could think of some URL parameter like `?include_email=true` for better visibility also in log files. Does that make sense?
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/pull/3300#issuecomment-905660571
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20210825/83bbdf4b/attachment.htm>
More information about the rails-dev
mailing list