Hi Sam,

Sometimes, based on the scopes, we might need to authorize the APIs to get
different responses.

E.g.: Facebook scopes [1]. At login we can send multiple scopes, generate
the token and authorize an API based on scopes.

It is not possible if only one scope is assigned to one API (resource).

IMO scopes should be initially designed when the APIs are designed
regardless of the roles that they would be attached to.

[1] - https://developers.facebook.com/docs/facebook-login/permissions



On Thu, Aug 4, 2016 at 1:41 PM, Milan Perera <[email protected]> wrote:

> Hi Sam,
>
> Thanks for the clarification.
>
> On Thu, Aug 4, 2016 at 12:34 PM, Sam Sivayogam <[email protected]> wrote:
>
>> Hi Milan,
>>
>> In APIM, scopes are there to give access controls based on user roles. A
>> scope can contain multiple user roles, so if you want to block multiple
>> roles, add those roles to a *single scope* and assign it to the particular
>> resource. IMO there is no need to create multiple scopes with different
>> roles and assign them to the same resource, when you can already create a
>> scope with multiple roles.
>>
>> Thanks,
>> Sam
>>
>> On Thu, Aug 4, 2016 at 12:25 PM, Milan Perera <[email protected]> wrote:
>>
>>> Hi all,
>>>
>>> While going through the code I found that the URITemplate class has an
>>> attribute to store multiple scopes.
>>>
>>> package org.wso2.carbon.apimgt.api.model;
>>>
>>>
>>> public class URITemplate implements Serializable {
>>>     ...
>>>     private Scope scope;
>>>     private List<Scope> scopes = new ArrayList();
>>>
>>> Can we use this scopes attribute to do the $subject?
>>>
>>>
>>> Regards,
>>>
>>>
>>> On Thu, Aug 4, 2016 at 12:09 PM, Milan Perera <[email protected]> wrote:
>>>
>>>> Hi all,
>>>>
>>>> Is $subject possible?
>>>> I noticed that $subject capability is limited in UI.
>>>>
>>>> Regards,
>>>>
>>>> --
>>>> *Milan Perera* | Software Engineer
>>>> WSO2, Inc | lean. enterprise. middleware.
>>>> #20, Palm Grove, Colombo 03, Sri Lanka
>>>> Mobile: +94 77 309 7088 | Work: +94 11 214 5345
>>>> Email: [email protected] <[email protected]> | Web: www.wso2.com
>>>> <http://lk.linkedin.com/in/milanharinduperera>
>>>> <https://wso2.com/signature>
>>>>
>>>
>>> _______________________________________________
>>> Dev mailing list
>>> [email protected]
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> *Sam Sivayogam*
>>
>> Software Engineer
>> Mobile  : +94 772 906 439
>> Office   : +94 112 145 345
>> *WSO2, Inc.*: wso2.com <http://wso2.com/>
>> lean.enterprise.middleware.
>>


-- 
Regards,

Chatura Dilan Perera
*Associate Tech Lead* - *WSO2 Inc.*
www.dilan.me
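
The multi-scope idea discussed in this thread, as an added example that is not part of the original e-mails or of WSO2 API Manager's code: one resource carries several scopes, and the scopes granted to the token decide which fields come back. The class name, scope names and sample record are assumptions made up for illustration.

```java
import java.util.*;

// Hypothetical model, not WSO2 APIM classes: a resource lists several scopes,
// and each scope unlocks part of the response.
public class MultiScopeResource {

    // Constructed sample: scopes defined per API resource, independent of roles.
    static final Map<String, List<String>> FIELDS_BY_SCOPE = new LinkedHashMap<>();
    static {
        FIELDS_BY_SCOPE.put("profile:basic", List.of("id", "name"));
        FIELDS_BY_SCOPE.put("profile:email", List.of("email"));
        FIELDS_BY_SCOPE.put("profile:friends", List.of("friends"));
    }

    // Constructed sample record the resource would return in full.
    static final Map<String, Object> RECORD = Map.of(
        "id", 42, "name", "Alice", "email", "alice@example.com",
        "friends", List.of("bob", "carol"));

    /** Returns only the fields covered by scopes the token was granted. */
    static Map<String, Object> authorize(Set<String> tokenScopes) {
        Map<String, Object> response = new LinkedHashMap<>();
        for (Map.Entry<String, List<String>> e : FIELDS_BY_SCOPE.entrySet()) {
            if (tokenScopes.contains(e.getKey())) {   // exact match only
                for (String field : e.getValue()) {
                    response.put(field, RECORD.get(field));
                }
            }
        }
        if (response.isEmpty()) {
            // No scope of this resource is in the token: deny rather than
            // answer with an empty success response.
            throw new SecurityException("insufficient_scope");
        }
        return response;
    }

    public static void main(String[] args) {
        System.out.println(authorize(Set.of("profile:basic")));
        System.out.println(authorize(Set.of("profile:basic", "profile:email")));
        try {
            authorize(Set.of("orders:read"));   // scope of some other resource
        } catch (SecurityException ex) {
            System.out.println("denied: " + ex.getMessage());
        }
    }
}
```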