[Openid-specs-risc] Scopes Required for SSF Stream Configuration

Atul Tulshibagwale atul at sgnl.ai
Fri Jun 23 00:22:57 UTC 2023 

Yeah, sorry I meant "scopes_supported"

On Thu, Jun 22, 2023, 4:33 PM Eric Karlinsky <eric.karlinsky at okta.com>
wrote:

> Thanks Atul - I assume you mean "scopes supported"?
>
> "scopes_supported":
>>      ["openid", "profile", "email", "address",
>>       "phone", "offline_access"],
>
>
> In that case, I think it's a great idea. There still needs to be some
> coordination on the meaning of the scopes, unless we define a set of
> allowable scopes.
>
> On Thu, Jun 22, 2023 at 5:52 PM Atul Tulshibagwale <atul at sgnl.ai> wrote:
>
>> *This message originated outside your organization.*
>>
>> ------------------------------
>>
>> Hi Eric,
>> I've added this to next week's agenda
>> <https://urldefense.com/v3/__https://hackmd.io/@oidf-wg-sse/wg-meeting-20230627__;!!PwKahg!4gd4EDWdHGW6poYa8oG6J_jD22T-Z19TXaXB0uphMBjCZNmfsqkCLbXkWkb7F45g5YpkAocENxy0TCU$>.
>> There's a OpenID Connect Discovery
>> <https://urldefense.com/v3/__https://openid.net/specs/openid-connect-discovery-1_0.html__;!!PwKahg!4gd4EDWdHGW6poYa8oG6J_jD22T-Z19TXaXB0uphMBjCZNmfsqkCLbXkWkb7F45g5YpkAocECSNvfSw$>
>> spec that has the idea of "suggested_scopes". This could be appropriate for
>> our purpose (as someone outside the WG pointed out to me). I think this can
>> be done on a per-endpoint basis in our case, as the scopes for, say,
>> polling an event in a stream may be different from the scopes for creating
>> a stream.
>>
>> Atul
>>
>> On Wed, May 31, 2023 at 4:42 PM Eric Karlinsky via Openid-specs-risc <
>> openid-specs-risc at lists.openid.net> wrote:
>>
>>> Hey WG -
>>>
>>> Is there a need or desire to standardize the scopes that need to be
>>> requested and granted to set up a stream? e.g., ssf.manage or ssf.read. The
>>> value would be that this would be one less variable to be set by an admin
>>> when setting up a stream. Has this been discussed?
>>>
>>> Thanks,
>>> Eric
>>>
>>> --
>>>
>>> Eric Karlinsky (he/him/his)
>>>
>>> Director, Product Management – Security
>>>
>>> eric.karlinsky at okta.com
>>>
>>> <https://okta.com/>
>>>
>>> _______________________________________________
>>> Openid-specs-risc mailing list
>>> Openid-specs-risc at lists.openid.net
>>> https://lists.openid.net/mailman/listinfo/openid-specs-risc
>>> <https://urldefense.com/v3/__https://lists.openid.net/mailman/listinfo/openid-specs-risc__;!!PwKahg!4gd4EDWdHGW6poYa8oG6J_jD22T-Z19TXaXB0uphMBjCZNmfsqkCLbXkWkb7F45g5YpkAocEBaA1i2Y$>
>>>
>>
>
> --
>
> Eric Karlinsky (he/him/his)
>
> Director, Product Management – Security
>
> eric.karlinsky at okta.com
>
> <https://okta.com/>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20230622/6ece02f7/attachment-0001.html>

More information about the Openid-specs-risc mailing list