We have added a scopes REST API which allows you to retrieve all scopes or the scopes that a particular user is entitled to [1].

[1] https://github.com/wso2/product-apim/issues/1661

On Mon, Apr 23, 2018 at 7:48 AM, Bhathiya Jayasekara <[email protected]> wrote:

> Hi Nadeesha,
>
> When you say 'users in an organization', are you referring to app
> developers or end users?
>
> The scopes are used to authorize end users, but not app developers.
> Therefore, as you said, if the end users want to know which scopes they are
> allowed to access, they can do that by calling the token endpoint. However,
> since end users typically don't directly call APIs but applications call
> APIs on behalf of them, I can't think of a use case where end users need
> to know all scopes they have access to. Do you have any specific use case?
>
> If they want to know the scopes they have access to within an application,
> the application itself can call the token API and let its end users know
> what they have access to.
>
> Thanks,
> Bhathiya
>
> On Mon, Apr 23, 2018 at 4:26 AM, Nadeesha Gamage <[email protected]>
> wrote:
>
>> Ok noted, but on a more practical POV I feel it would be good to have
>> only the applicable scopes available. If an organization is going to have
>> many different types of scopes it would be a tedious task for anyone to
>> find out which scope is really applicable for them.
>>
>> Nadeesha
>>
>> On Sun, Apr 22, 2018 at 11:00 PM, Bhathiya Jayasekara <[email protected]>
>> wrote:
>>
>>> Hi Nadeesha,
>>>
>>> By design, the role validation for scopes is done only at runtime. In
>>> the design time, it's not validated because app developers should be able
>>> to test their apps with any scope attached to the subscribed APIs.
>>>
>>> Thanks,
>>> Bhathiya
>>>
>>> On Sun, Apr 22, 2018 at 5:53 PM, Nadeesha Gamage <[email protected]>
>>> wrote:
>>>
>>>> Hi API Manager team,
>>>> Is there a reason for showing all scopes (even the ones that
>>>> don't associate or work for a given user's role) in the scopes dropdown of
>>>> the API Store key generation section shown below? Currently all scopes are
>>>> shown even if the scope is not allowed to a given user.
>>>>
>>>> Thank you
>>>>
>>>> --
>>>> Nadeesha Gamage
>>>> Lead Solutions Engineer
>>>> T : +94 77 394 5706
>>>> B : https://nadeesha678.wordpress.com/
>>>
>>> --
>>> Bhathiya Jayasekara
>>> Associate Technical Lead,
>>> WSO2 inc., http://wso2.com
>>>
>>> Phone: +94715478185
>>> LinkedIn: http://www.linkedin.com/in/bhathiyaj
>>> Twitter: https://twitter.com/bhathiyax
>>> Blog: http://movingaheadblog.blogspot.com

--
Harsha Kumara
Software Engineer, WSO2 Inc.
Mobile: +94775505618
Blog: harshcreationz.blogspot.com

_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev
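
An added example, not part of the original thread and not WSO2 code: a small model of the runtime check Bhathiya describes, where the token endpoint grants only the requested scopes whose bound roles the end user holds, and the application compares the `scope` field of the token response with what it asked for. The scope names, roles, token value, and the rule that unbound scopes are dropped are all constructed assumptions.

```python
# Added example: constructed scope-to-role bindings, not from any real deployment.
SCOPE_ROLES = {
    "order_read": {"customer", "clerk"},
    "order_write": {"clerk"},
    "order_admin": {"manager"},
}


def grant_scopes(requested, user_roles, bindings=SCOPE_ROLES):
    """Server side, at token issuance: keep only requested scopes whose
    bound roles overlap the end user's roles. Unknown scopes are dropped
    (an assumption of this model)."""
    roles = set(user_roles)
    return [s for s in requested if bindings.get(s, set()) & roles]


def token_response(requested, user_roles):
    """Build a constructed token response in the RFC 6749 section 5.1 shape."""
    granted = grant_scopes(requested, user_roles)
    body = {"access_token": "constructed-token", "token_type": "Bearer",
            "expires_in": 3600}
    # RFC 6749: "scope" may be omitted only when it equals the requested scope.
    if granted != list(requested):
        body["scope"] = " ".join(granted)
    return body


def scope_report(requested, response):
    """Client side: compare what was requested with what was granted."""
    if "scope" in response:
        granted = set(response["scope"].split())
    else:
        granted = set(requested)  # omitted field means "granted as requested"
    return {
        "granted": sorted(granted & set(requested)),
        "denied": sorted(set(requested) - granted),
    }


if __name__ == "__main__":
    asked = ["order_read", "order_write", "order_admin"]
    resp = token_response(asked, user_roles=["clerk"])
    print(scope_report(asked, resp))
```

An application that requests every scope listed in the dropdown can use a report like this to show its end users only what the runtime role check actually granted.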
