This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Implicit Scopes
Implicit Scopes

Version management

Difference between version and

At line 1 added 26 lines
!!! Overview
[{$pagename}] (also referred to as [Privileged Scope]) are [OAuth Scopes] granted by the [Authorization Server] based on [Authorization Policy] for [Resource Owner], or a the [OAuth Client] on [Resource Owner]’s behalf and may be a [Trust Elevation] [event]
The [{$pagename}] may be granted based on the:
* [context] of the [OAuth Client]
* [context] of the [Resource Owner]
* [Authorization Policy]
!! [{$pagename}] [Examples]
An application may have some [Resources] that are publicly available for any [Authenticated] [Resource Owner] that is also a [customer].
When the [Resource Owner] is utilizing [Social Login] the [Authorization Server] may determine this user is also a [Customer]. The [Authorization Policy] says that any [Customer] may be granted the "read_premium" [OAuth Scope]. So the [Authorization Server] would grant the [{$pagename}] "read_premium".
An application may have some [Resources] that are publicly available for any [Authenticated] [Resource Owner].
A "read" [{$pagename}] could be granted in the [Access Token] without being requested.
!! [Multi-Factor Authentication] [Example]
The [acr] implies how the [Authentication Method] used. The [Authorization Server] could grant some "elevated" [OAuth Scopes] based on the [Authorization Policy] and the [Multi-Factor Authentication] used.
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop