[openstreetmap/openstreetmap-website] Add support for privileged OAuth 2 applications (#3300)

mmd notifications at github.com
Fri Aug 27 15:41:14 UTC 2021 

I was testing in Postman and wanted to find out, which scopes are needed for applications like Discourse.

I started out creating a new application with the following scopes.
![postman1](https://user-images.githubusercontent.com/5842757/131152315-6ffc73a7-5890-4490-b758-1b3c8d27b99c.png)

Later on in Postman, if was sufficient to provide "read_prefs" and "read_email" as scopes. The authorization was still automatically skipped without a need to explicitly mention "skip_authorization":

![postman2](https://user-images.githubusercontent.com/5842757/131152504-aba87618-9b37-4553-8572-385b8230e0ac.png)

For other application which don't have the "skip_authorization" scope set on application level, I would still need to authorize all scope, like before. So the existing logic for non-privileged OAuth2 apps is still in place and works fine.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/pull/3300#issuecomment-907294191
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20210827/9e2368b3/attachment.htm>

More information about the rails-dev mailing list