Hi All, We have two implementations related to scopes in the IS, one for OAuth2 scopes (for oauth2 scopes and scope bindings(role, permission etc)) and the other for OIDC scopes (for scope claim mappings). The data is also stored separately. For the OAuth2 scope management, we already have a REST API[1] and with the OAuthAdminService Soap API, we manage the OIDC scopes. When designing the REST API to include OIDC scopes management there are two ways this can be done.
1. Have a seperate API for OIDC scope managment. 2. Include the OIDC scope management and OAuth scope management in the same REST API and treat them both as a single resource when exposing it to the outside and manage them separately internally. [1] - https://docs.wso2.com/display/IS580/apidocs/OAuth2-scope-endpoint/index.html Your thoughts on this are much appreciated. Thank you, Best Regards, Janak -- *Janak Amarasena* | Software Engineer | WSO2 Inc. (m) +94777764144 | (w) +94112145345 | (e) [email protected] <https://wso2.com/signature>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
