API and admin access scope handling should be improved

Question

API and admin access scope handling should be improved

Closed this issue 3 years ago · 1 comments

Currently, the scopes omejdn:api and omejdn:admin can be requested and if the attributes with such keys are configured the respective access tokens can be used to access the (admin) API.

A better approach would be to have scopes such as:

omejdn:read
omejdn:write
omejdn:admin

Those scopes then map to an attribute omejdn which can have the values read, write, admin
.

Answer 1 · 2021-10-05T11:26:16.000Z

I am closing this issue for now due to above commit addressing this issue