Hi Nadeesha, By design, the role validation for scopes is done only at runtime. In the design time, it's not validated because app developers should be able to test their apps with any scope attached to the subscribed APIs.
Thanks, Bhathiya On Sun, Apr 22, 2018 at 5:53 PM, Nadeesha Gamage <nadee...@wso2.com> wrote: > Hi API Manager team, > Is there a reason for showing all scopes (even the once that > doesnt associate or work for a given users role) in the scopes dropdown of > the API Store key generation section shown below. Currently All scopes are > shown even if the scope is not allowed to a given user. > > > > > > > Thank you > > -- > Nadeesha Gamage > Lead Solutions Engineer > T : +94 77 394 5706 > B : https://nadeesha678.wordpress.com/ > -- *Bhathiya Jayasekara* *Associate Technical Lead,* *WSO2 inc., http://wso2.com <http://wso2.com>* *Phone: +94715478185* *LinkedIn: http://www.linkedin.com/in/bhathiyaj <http://www.linkedin.com/in/bhathiyaj>* *Twitter: https://twitter.com/bhathiyax <https://twitter.com/bhathiyax>* *Blog: http://movingaheadblog.blogspot.com <http://movingaheadblog.blogspot.com/>*
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev