[Openid-specs-risc] Scopes Required for SSF Stream Configuration

Eric Karlinsky eric.karlinsky at okta.com
Thu Jun 22 23:32:59 UTC 2023 

Thanks Atul - I assume you mean "scopes supported"?

"scopes_supported":
>      ["openid", "profile", "email", "address",
>       "phone", "offline_access"],


In that case, I think it's a great idea. There still needs to be some
coordination on the meaning of the scopes, unless we define a set of
allowable scopes.

On Thu, Jun 22, 2023 at 5:52 PM Atul Tulshibagwale <atul at sgnl.ai> wrote:

> *This message originated outside your organization.*
>
> ------------------------------
>
> Hi Eric,
> I've added this to next week's agenda
> <https://urldefense.com/v3/__https://hackmd.io/@oidf-wg-sse/wg-meeting-20230627__;!!PwKahg!4gd4EDWdHGW6poYa8oG6J_jD22T-Z19TXaXB0uphMBjCZNmfsqkCLbXkWkb7F45g5YpkAocENxy0TCU$>.
> There's a OpenID Connect Discovery
> <https://urldefense.com/v3/__https://openid.net/specs/openid-connect-discovery-1_0.html__;!!PwKahg!4gd4EDWdHGW6poYa8oG6J_jD22T-Z19TXaXB0uphMBjCZNmfsqkCLbXkWkb7F45g5YpkAocECSNvfSw$>
> spec that has the idea of "suggested_scopes". This could be appropriate for
> our purpose (as someone outside the WG pointed out to me). I think this can
> be done on a per-endpoint basis in our case, as the scopes for, say,
> polling an event in a stream may be different from the scopes for creating
> a stream.
>
> Atul
>
> On Wed, May 31, 2023 at 4:42 PM Eric Karlinsky via Openid-specs-risc <
> openid-specs-risc at lists.openid.net> wrote:
>
>> Hey WG -
>>
>> Is there a need or desire to standardize the scopes that need to be
>> requested and granted to set up a stream? e.g., ssf.manage or ssf.read. The
>> value would be that this would be one less variable to be set by an admin
>> when setting up a stream. Has this been discussed?
>>
>> Thanks,
>> Eric
>>
>> --
>>
>> Eric Karlinsky (he/him/his)
>>
>> Director, Product Management – Security
>>
>> eric.karlinsky at okta.com
>>
>> <https://okta.com/>
>>
>> _______________________________________________
>> Openid-specs-risc mailing list
>> Openid-specs-risc at lists.openid.net
>> https://lists.openid.net/mailman/listinfo/openid-specs-risc
>> <https://urldefense.com/v3/__https://lists.openid.net/mailman/listinfo/openid-specs-risc__;!!PwKahg!4gd4EDWdHGW6poYa8oG6J_jD22T-Z19TXaXB0uphMBjCZNmfsqkCLbXkWkb7F45g5YpkAocEBaA1i2Y$>
>>
>

-- 

Eric Karlinsky (he/him/his)

Director, Product Management – Security

eric.karlinsky at okta.com

<https://okta.com/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20230622/5a66b240/attachment.html>

More information about the Openid-specs-risc mailing list