[
https://issues.apache.org/jira/browse/CXF-7274?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16430814#comment-16430814
]
Jim Willeke commented on CXF-7274:
----------------------------------
Incremental authorization is a concept within Privacy Enhancing Technologies
and Principle of least privilege where as an entity is only granted the
privileges required.
There is an Internet Draft
[https://tools.ietf.org/id/draft-wdenniss-oauth-incremental-auth-00.html] that
might be helpful and Google has support for this:
[https://developers.google.com/identity/protocols/OAuth2WebServer#incrementalAuth]
> Improve OAuth2 incremental authorization support
> ------------------------------------------------
>
> Key: CXF-7274
> URL: https://issues.apache.org/jira/browse/CXF-7274
> Project: CXF
> Issue Type: Improvement
> Components: JAX-RS, JAX-RS Security
> Reporter: Sergey Beryozkin
> Priority: Major
>
> It exists in some form already via the 'supportPreauthorizedTokens' property
> but it may be too limited
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
