What use are 'Scopes' in Azure B2C Authentication?

后端 未结 2 672
慢半拍i
慢半拍i 2021-02-14 16:37

I don\'t understand how the \'Scopes\' in Azure B2C are supposed to be used. They are associated with an API, but not a user. I\'m sure I\'m missing something, but I see no pra

2条回答
  •  谎友^
    谎友^ (楼主)
    2021-02-14 16:54

    Roles and scopes provide the two halves for this user access control.

    Roles -- such as Administrator, Member, and Guest -- determine whether an authenticated user is permitted to delete objects.

    Scopes -- such as read, write, and delete -- determine whether an authorized application can delete objects on behalf of an authorizing/consenting user if this user, through their role assignment/s, is permitted to do so.

    Azure AD B2C doesn't have any current support for managing roles and assignments of them to users.

    It does, however, have support for managing scopes and assignments of them to applications.

提交回复
热议问题