On The Nature of OAuth2’s Scopes

Ramiro ・1 min read

Scopes only come into play in delegation scenarios, and always limit what an app can do on behalf of a user: a scope cannot allow an application to do more than what the user can do.

Auth0 Principal Architect Vittorio Bertocci on why you shouldn’t use OAuth2 scopes for every authorization scenario.

Read on 🧙🏻‍♂️
