[openstreetmap/openstreetmap-website] OAuth 2: Granting partial permissions not possible (Issue #4360)
Anton Khorev
notifications at github.com
Thu Nov 23 11:31:47 UTC 2023
> So anyway, after having read the RFC, it doesn't look like OAuth 2 is designed to allow this kind of flow we used to have with OAuth 1.0a.
It is designed to allow this.
https://datatracker.ietf.org/doc/html/rfc6749#section-3.3
> The authorization server MAY fully or partially ignore the scope requested by the client, based on the authorization server policy or the resource owner's instructions.
checkboxes = "the resource owner's instructions"
--
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/issues/4360#issuecomment-1824267512
You are receiving this because you are subscribed to this thread.
Message ID: <openstreetmap/openstreetmap-website/issues/4360/1824267512 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20231123/340224b2/attachment.htm>
More information about the rails-dev
mailing list