[Openid-specs-risc] Scopes Required for SSF Stream Configuration
Atul Tulshibagwale
atul at sgnl.ai
Thu Jun 22 21:52:35 UTC 2023
Hi Eric,
I've added this to next week's agenda
<https://hackmd.io/@oidf-wg-sse/wg-meeting-20230627>. There's a OpenID
Connect Discovery
<https://openid.net/specs/openid-connect-discovery-1_0.html> spec that has
the idea of "suggested_scopes". This could be appropriate for our purpose
(as someone outside the WG pointed out to me). I think this can be done on
a per-endpoint basis in our case, as the scopes for, say, polling an event
in a stream may be different from the scopes for creating a stream.
Atul
On Wed, May 31, 2023 at 4:42 PM Eric Karlinsky via Openid-specs-risc <
openid-specs-risc at lists.openid.net> wrote:
> Hey WG -
>
> Is there a need or desire to standardize the scopes that need to be
> requested and granted to set up a stream? e.g., ssf.manage or ssf.read. The
> value would be that this would be one less variable to be set by an admin
> when setting up a stream. Has this been discussed?
>
> Thanks,
> Eric
>
> --
>
> Eric Karlinsky (he/him/his)
>
> Director, Product Management – Security
>
> eric.karlinsky at okta.com
>
> <https://okta.com/>
>
> _______________________________________________
> Openid-specs-risc mailing list
> Openid-specs-risc at lists.openid.net
> https://lists.openid.net/mailman/listinfo/openid-specs-risc
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20230622/246a38b4/attachment.html>
More information about the Openid-specs-risc
mailing list