On Wed, Feb 12, 2020 at 5:38 PM Sarubi Thillainathan <[email protected]> wrote:
> Hi All, > > Currently in IS, whenever a token request comes with a list of scopes > we'll be showing all the scopes and get the consent from the user > regardless of that scopes are requested or not in the Identity Server. > But by going forward with IS 5.10.0, we'll be more descriptive and decided > to show the display name of the scope and it's the description as well > when we are getting the consent from the user. Also, if the scope is not > registered under the OAuth2 scope or OIDC scope in the IS, then we decided > to skip that particular scope from the consent page also in the response as > a default behaviour. > > In order to keep the backward compatibility, we'll keep a flag so that we > can enable it if we want to list the scope which is not registered. Note > that in that case scopes which are not registered will display with the > provided scope name and scopes which are registered will displayed with > their corresponding display name and description in the consent page. > > Highly appreciate your ideas and suggestion on this. > > > > > Thanks, > Sarubi. > -- > *Sarubi Thillainathan* | Software Engineer | WSO2 Inc. > (m) +94 (0) 76 684 9101 | (e) [email protected],[email protected] > > *[image: https://wso2.com/signature] <https://wso2.com/signature>* > -- *Sarubi Thillainathan* | Software Engineer | WSO2 Inc. (m) +94 (0) 76 684 9101 | (e) [email protected],[email protected] *[image: https://wso2.com/signature] <https://wso2.com/signature>*
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
