Uploaded image for project: 'PUBLIC - OAuth2'
  1. PUBLIC - OAuth2
  2. OAUTH2-17

REQ007 OAuth2 Scopes for every separate module (auto-discovery)

    Details

    • Type: Story
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 1.0-portal_7.1.0
    • Fix Version/s: 1.0-portal_7.1.0
    • Component/s: None
    • Labels:
      None
    • Sprint:
      August_Appliaction Security

      Description

      • We can allow "implicit" scopes that are checked by the endpoint business code
      • A Java code programmatic guard similar to DoAs, Runnable or Consumer
      • Endpoint / module must export the supported scopes
      • We need to enforce uniqueness of the scopes identifiers

      Start with Blogs, then Docs and Message Boards - should be SAP profiles for JSONWS, can be covered in documentation.

      Can be JSONWS (SAP entry) scope or JAX-RS scope.

      Please see also OAUTH2-32

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Packages

                  Version Package
                  1.0-portal_7.1.0