Hi Asela, Just to be clear, Can we register scope values as regex patterns ? > In APIM there is scope white listing capabilities which can be sent any > scope value related to the given regex, "device_*" such scope. > Nope, in IS we don't have this capability. The only thing that we enforce is can't have space in the scope name.
Thanks, Sarubi. On Wed, Feb 12, 2020 at 6:06 PM Asela Pathberiya <as...@wso2.com> wrote: > > > On Wed, Feb 12, 2020 at 5:44 PM Sarubi Thillainathan <sar...@wso2.com> > wrote: > >> >> >> >> On Wed, Feb 12, 2020 at 5:38 PM Sarubi Thillainathan <sar...@wso2.com> >> wrote: >> >>> Hi All, >>> >>> Currently in IS, whenever a token request comes with a list of scopes >>> we'll be showing all the scopes and get the consent from the user >>> regardless of that scopes are requested or not in the Identity Server. >>> But by going forward with IS 5.10.0, we'll be more descriptive and >>> decided to show the display name of the scope and it's the description as >>> well when we are getting the consent from the user. Also, if the scope is >>> not registered under the OAuth2 scope or OIDC scope in the IS, then we >>> decided to skip that particular scope from the consent page also in the >>> response as a default behaviour. >>> >> > Just to be clear, Can we register scope values as regex patterns ? > In APIM there is scope white listing capabilities which can be sent any > scope value related to the given regex, "device_*" such scope. > > Thanks, > Asela. > > >> >>> In order to keep the backward compatibility, we'll keep a flag so that >>> we can enable it if we want to list the scope which is not registered. Note >>> that in that case scopes which are not registered will display with the >>> provided scope name and scopes which are registered will displayed with >>> their corresponding display name and description in the consent page. >>> >>> Highly appreciate your ideas and suggestion on this. >>> >>> >>> >>> >>> Thanks, >>> Sarubi. >>> -- >>> *Sarubi Thillainathan* | Software Engineer | WSO2 Inc. >>> (m) +94 (0) 76 684 9101 | (e) sar...@wso2.com,stsa...@gmail.com >>> >>> *[image: https://wso2.com/signature] <https://wso2.com/signature>* >>> >> >> >> -- >> *Sarubi Thillainathan* | Software Engineer | WSO2 Inc. >> (m) +94 (0) 76 684 9101 | (e) sar...@wso2.com,stsa...@gmail.com >> >> *[image: https://wso2.com/signature] <https://wso2.com/signature>* >> _______________________________________________ >> Architecture mailing list >> Architecture@wso2.org >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> > > > -- > Thanks & Regards, > Asela > > Mobile : +94 777 625 933 > > http://soasecurity.org/ > http://xacmlinfo.org/ > _______________________________________________ > Architecture mailing list > Architecture@wso2.org > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > -- *Sarubi Thillainathan* | Software Engineer | WSO2 Inc. (m) +94 (0) 76 684 9101 | (e) sar...@wso2.com,stsa...@gmail.com *[image: https://wso2.com/signature] <https://wso2.com/signature>*
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture