Hi Milan and Ayyoob,
Mapping an application capability directly to a role, only complicates the
permission management side of the same.
As this was initially dealt by a permission, ideally now, this should be
dealt by a scope
since we are now moving from carbon permission based approach to OAuth
Milan, Please find my comments inline.
*Ayyoob Hamza*
*Software Engineer*
WSO2 Inc.; http://wso2.com
email: ayy...@wso2.com cell: +94 77 1681010 <%2B94%2077%207779495>
On Wed, Aug 3, 2016 at 8:47 AM, Milan Perera wrote:
> Hi all,
>
> In CDMF, we are currently heading towards OAuth2 scope based
Hi all,
In CDMF, we are currently heading towards OAuth2 scope based authorization
mechanism by revamping current carbon permission based authorization
mechanism in order to support widely accepted standard for API
authorization.
As a result, we have to find a new way to do the $subject. So the p
