Handle when the current connecting user does not have permission to create clients

WP-API / authentication

The home for design & development of a core WordPress REST API authentication solution

GNU General Public License v2.0

62 stars 2 forks source link

Closed TimothyBJacobs closed 4 years ago

TimothyBJacobs commented 4 years ago

Right now, a dynamic client is registered whether or not the current connecting user has permission to create clients.

I can think of a couple of ways this could be handled.

Display an error if the dynamic client does not already exist in the site.
Create the client, but do not approve it. An admin would then have to approve the client before it can be used.
Keep the current behavior.