Grant admin scopes only to admin-approved clients during authZ code/device flow #819

Closed
rmiccoli opened this issue Jul 30, 2024 · 1 comment

rmiccoli commented Jul 30, 2024

Clients approved by regular users during authZ code/device flow cannot get admin scopes even if they are allowed to get them.
A filter should be added to the /authorize endpoint (at the consent page level as for the IAM scope policies).

@rmiccoli rmiccoli linked a pull request Jul 30, 2024 that will close this issue
@enricovianello

Should client-credentials flow be affected?

@rmiccoli rmiccoli changed the title Grant admin scopes to admin-approved clients only Grant admin scopes ony to clients approved by admins during authZ code/device flow Aug 2, 2024
@rmiccoli rmiccoli changed the title Grant admin scopes ony to clients approved by admins during authZ code/device flow Grant admin scopes only to admin-approved clients during auth code/device flow Aug 2, 2024
@rmiccoli rmiccoli changed the title Grant admin scopes only to admin-approved clients during auth code/device flow Grant admin scopes only to admin-approved clients during authZ code/device flow Aug 2, 2024
@enricovianello enricovianello removed this from v1.10.1 Aug 27, 2024
@rmiccoli rmiccoli self-assigned this Sep 16, 2024
@rmiccoli rmiccoli closed this as completed by moving to Done in v1.11.0 Sep 18, 2024
@rmiccoli rmiccoli reopened this Sep 18, 2024
@rmiccoli rmiccoli removed the status in v1.11.0 Nov 12, 2024
@rmiccoli rmiccoli moved this to In Progress in v1.11.0 Nov 12, 2024
@rmiccoli rmiccoli removed this from v1.11.0 Dec 19, 2024
@rmiccoli rmiccoli added this to v1.10.3 Dec 19, 2024
@rmiccoli rmiccoli moved this to Done in v1.10.3 Dec 19, 2024
@rmiccoli rmiccoli closed this as completed by moving to Done in v1.10.3 Dec 19, 2024