align JWT Claim set scope list data type with standards and industry - Githubissues

nasa / utm-apis

The collection of APIs for NASA's UTM project in the form of OpenAPI documents.

55 stars 35 forks source link

align JWT Claim set scope list data type with standards and industry #177

Closed issmith1 closed 4 years ago

issmith1 commented 4 years ago

JWT Claims Set's scope element is an array whereas both 'scope' GET Token request and Token response is a space-separated string. Our industry partner is currently incompatible with an array. Determine a fix amenable to industry, FAA and available standards, and document in this API.

Verify FAA's implementation wrt validation of a JWT Claims Set's scope element.

The only occurrence of multiple scopes is here: https://github.com/nasa/utm-apis/issues/174

As per @nasajoey This RFC is expired, but they do have scopes as a single string, space separated like the request: https://tools.ietf.org/id/draft-bertocci-oauth-access-token-jwt-00.html#rfc.section.3

@arkits

issmith1 commented 4 years ago

JWT Claim’s Scope https://github.com/nasa/utm-apis/issues/177 Spec is closed

Service is Open https://atmjira.arc.nasa.gov/browse/UAMX3-466