New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create rule which logs RP scope requests #272

Open

gene1wood opened this issue May 15, 2019 · 0 comments

Contributor

gene1wood commented May 15, 2019

As a continuation of #269

We should

create another rule that logs what OAuth scopes that RPs request of us
gathering a body of logs so we can determine what scopes RPs request
based on this data determine if we can change our logic from
- give custom claims to all RPs that request any combination of scopes other than "only `openid" to
- give custom claims to RPs that request profile scope

To do this will depend upon us validating that there are no RPs which

don't request profile scope
expect to receive custom claims

An example of this would be an RP that requests openid and email and expects to receive custom claims.

The text was updated successfully, but these errors were encountered:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment