Difference between scope and authority in UAA

后端 未结 2 1032
Happy的楠姐
Happy的楠姐 2021-02-07 11:00

In UAA There are two Concepts, Authority and Scope.

These concepts seems to overlap. I would like to know exact difference and purpose

For example , oauth.login<

2条回答
  •  情歌与酒
    2021-02-07 11:27

    Scopes are permissions of an OAuth Client acting on behalf of a User. They are granted after obtaining a user token with one of the following grant types: auth_code, password, implicit. Scopes signify what the application is allowed to access on User's behalf (referred to as delegated authorisation).

    Authorities are permissions of an OAuth Client acting on its own behalf and there is no User involvement. They are granted after obtaining a client token with grant_type of client_credentials. Typical use is an Application or API trying to access a resource with its own credentials without user involvement.

    In UAA , oauth.login is a system level permission and was being used by the legacy implementation of the login-server project (When UAA and Login Server were separate components). This permission allows admin level access for login server.

提交回复
热议问题