Open rmiccoli opened 1 month ago
Clients approved by regular users during authZ code/device flow cannot get admin scopes even if they are allowed to get them. A filter should be added to the /authorize endpoint (at the consent page level as for the IAM scope policies).
/authorize
Should client-credentials flow be affected?
Clients approved by regular users during authZ code/device flow cannot get admin scopes even if they are allowed to get them. A filter should be added to the
/authorize
endpoint (at the consent page level as for the IAM scope policies).