Hi Ishara, I guess, you did some fix on this. Is this fix already in next release?
Thanks, Asela. On Fri, Oct 25, 2013 at 4:34 PM, Prabath Siriwardena <[email protected]>wrote: > Yes.. We cannot give the same access token for different scopes. > > +1 for fixing this. > > Thanks... > > Sent from my mobile device > > > On Oct 25, 2013, at 5:29 PM, Asela Pathberiya <[email protected]> wrote: > > > > Hi All, > > > > AFAIK, currently OAuth2 token endpoint returns the same access token > for different scope. Access tokens are issued per client and resource > owner. I guess, it must be per client, resource owner and scope. If we are > implementing scope validation and resource owner authorization, i guess, > it is better to support this. Can we support this for next release of > Identity Server, if this is not yet done.? > > > > Thanks, > > Asela. > > > > -- > > Thanks & Regards, > > Asela > > > > ATL > > Mobile : +94 777 625 933 > -- Thanks & Regards, Asela ATL Mobile : +94 777 625 933
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
