Open Robbilie opened 7 years ago
A several month old (but still very much relevant) mockup of how the grouping could look like: https://imgur.com/a/7SFLF
This is on our roadmap. We're contemplating also some sort of "sensitivity" levels depending on how sensitive information certain scopes provide, for gameplay purposes, for example a scope to read EVE mails or a scope that would provide a characters current location would be clearly displayed on the conscent screen. Also a way for players to not grant all the scopes an app provides, and the app would have to reduce functionality based on the scopes the user accepted.
Would it be possible to combine this in some fashion with #7? Such that asking for a new initial auth code and successfully fetching the first access token would auto revoke the last token authorized by that character for that app. This would be of use for apps that only ask you to authenticate and don't generate a refresh token (i.e. No scope apps). Or even for apps in their testing phases where they can generate a large amount of tokens/entries.
@Aidansavage Interesting. I'll take that into consideration. Perhaps an optional query parameter sent to /oauth/authorize, like expirePreviousTokens=true
or somesuch might be what you are looking for? So when you actually fetch a token with the authentication code it would automatically revoke older tokens for that client/character combo.
Would that work for you?
That will be very useful for website. 👍
However, for desktop apps people may use the software on more than one computer, creating new refreshTokens for each machine, so, you can not rewoke all previous tokens.
So, the suggested UI improvements would still be very useful for desktop software.
Thanks for reading our SSO suggestions 😃
Feature / Modification Request
Description
The Third Party Application page offers the user the abbility to revoke granted tokens: https://community.eveonline.com/support/third-party-applications/ There is a new entry for every granted (refresh_)token, it would be great to group them together and remove all tokens for an application.
Use case
When logging in to applications requesting a token each time this page gets bloated a lot, when wanting to revoke tokens you manually have to go through several pages sometimes.