fix(oxauth): dynamic registration - assign to client only scopes which are explicitly in request #4426

Question

fix(oxauth): dynamic registration - assign to client only scopes which are explicitly in request #4426

yuriyz opened this issue 2 years ago · 2 comments

yuriyz commented 2 years ago

Describe the issue

fix(oxauth): dynamic registration - assign to client only scopes which are explicitly in request #4426

Counterpart of JanssenProject/jans#4426

Change must be backward compatible.

Answer 1 · 2023-04-13T18:14:31.000Z

AS will still behave in same way. There will be new AS configuration property dynamicRegistrationDisableFallbackScopesAssigning. If set it to true it will turn off assinging scopes which are not present in request.

Answer 2 · 2023-04-14T08:47:22.000Z

Done in #1817

@shmorri New configuration property dynamicRegistrationDisableFallbackScopesAssigning description should be added to doc. Where can I add it ? I don't see 4.6 version in https://github.com/GluuFederation/docs-gluu-server-prod. Feature is pushed to master branch which is 4.6.0-SNAPSHOT.