Ramiro for Auth0

Posted on Sep 5, 2018 • Edited on Apr 23, 2019 • Originally published at auth0.com

On The Nature of OAuth2’s Scopes

#oauth2 #authorization #oauth #identitymanagement

Scopes only come into play in delegation scenarios, and always limit what an app can do on behalf of a user: a scope cannot allow an application to do more than what the user can do.

Auth0 Principal Architect Vittorio Bertocci on why you shouldn’t use OAuth2 scopes for every authorization scenario.

Read on 🧙🏻‍♂️

Top comments (0)

🔐 How to Implement OAuth 2.0 Authentication in ASP.NET Core with External APIs

Esperanza Najera - Nov 11

Custom Role-Based Authorization with JWT in ASP.NET Core

Mofajjal Rasul - Nov 3

How I'm Learning SpiceDB

Sohan - Nov 12

Authorization needs to be dynamic, declarative, and decoupled

Dan - Nov 12

DEV Community