We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
/area runtime
/area operator
/area placement
/area docs
/area test-and-release
Not all OAuth2 token issuers require scopes during the client_credential token exchange. For example, Auth0 does not accept 'scopes'.
Therefore, I believe 'scopes' should be optional in the oauth2clientcredentials middleware component. It's currently required to have a value.
oauth2clientcredentials now supports optional scopes, making it compatible with token issuer's like Auth0.
RELEASE NOTE:
The text was updated successfully, but these errors were encountered:
Are you able to configure Auth0 using an empty value for the scopes today?
Sorry, something went wrong.
Yes. I’ve been using it for years without specifying a scope. By that I mean I don’t even pass the key “scopes” in the request. Totally absent.
No branches or pull requests
In what area(s)?
/area runtime
Describe the feature
Not all OAuth2 token issuers require scopes during the client_credential token exchange. For example, Auth0 does not accept 'scopes'.
Therefore, I believe 'scopes' should be optional in the oauth2clientcredentials middleware component. It's currently required to have a value.
Release Note
oauth2clientcredentials now supports optional scopes, making it compatible with token issuer's like Auth0.
RELEASE NOTE:
The text was updated successfully, but these errors were encountered: