HI Johann, On Wed, Mar 6, 2019 at 12:19 PM Johann Nallathamby <[email protected]> wrote:
> IAM Team, > > We've implemented XACML based scope authorization during access token > validation phase. However, it is also important to do this authorization > during authorization_code, access_token, refresh_token and id_token, > issuing phase IMO. Especially for self-contained token use cases, we need > to encode the authorized scopes into the JWT token. > With the current implementation we do have the support to validate scopes in token issuing times, which is an extension point. But we don't have a XACML implementation for that. +1 to add this in the future, until its implemented capability is there to add an extension. Regards, Ishara > > Thoughts? > > Thanks & Regards, > Johann. > > -- > *Johann Dilantha Nallathamby* | Associate Director/Solutions Architect | > WSO2 Inc. > (m) +94 (77) 7776950 | (w) +94 (11) 2145345 | (e) [email protected] > [image: Signature.jpg] > -- Ishara Karunarathna Senior Technical Lead WSO2 Inc. - lean . enterprise . middleware | wso2.com email: [email protected], blog: isharaaruna.blogspot.com, mobile: +94717996791
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
