Letting resource owners choose scopes to be authorized
Authlete enables developers to build an authorization page where end-users (or resource owners) can choose scopes, using the scopes parameter of the /auth/authorization/issue endpoint.
For a better user experience, you may want to implement an authorization page where end-users can choose which scopes to grant. Authlete provides a function to meet this requirement.
The scopes parameter of the /auth/authorization/issue endpoint narrows down the scopes that were initially requested in the corresponding authorization request. When you give a non-empty string array as the value of the scopes parameter, Authlete replaces the requested scopes with it.
Please bear in mind that this function only narrows down the scopes originally requested at the /auth/authorization endpoint. The scopes parameter cannot add scopes that were not requested at the /auth/authorization endpoint.
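The following is an added example, not Authlete's own code: a server-side helper that turns the scopes submitted by a consent form into the scopes array for /auth/authorization/issue, keeping only values that were in the original request. The function names, the `ticket` and `subject` fields, and all sample values are assumptions, as is the handling of an empty selection, which follows from the "non-empty" wording above.

```python
import json


def narrow_scopes(requested, selected):
    """Keep only user-selected scopes that the authorization request asked for.

    The consent form is client-side input, so anything not in `requested`
    (a tampered or stale value) is dropped before it is forwarded.
    Order follows the original request; duplicates are collapsed.
    """
    chosen = set(selected)
    return [s for s in dict.fromkeys(requested) if s in chosen]


def build_issue_body(ticket, subject, requested, selected):
    """Build the JSON body for /auth/authorization/issue with narrowed scopes."""
    narrowed = narrow_scopes(requested, selected)
    if not narrowed:
        # Only a non-empty array replaces the requested scopes, so an empty
        # selection must not be sent as "scopes": [] in the hope of granting
        # nothing. Surface it and let the caller handle it as a refusal.
        raise ValueError("no requested scope was selected")
    # `ticket` and `subject` are assumed request fields (not from the article).
    return {"ticket": ticket, "subject": subject, "scopes": narrowed}


if __name__ == "__main__":
    # Constructed sample data: scopes from the authorization request, and
    # the values posted back by the consent form (one of them not requested).
    requested = ["profile", "email", "history.read"]
    form_scopes = ["email", "admin", "email"]
    body = build_issue_body("TICKET_PLACEHOLDER", "user-123", requested, form_scopes)
    print(json.dumps(body))
```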