rokwire / core-building-block

Building block which handles core functions for the Rokwire platform - users, accounts, profiles, organizations, authentication and authorization.
Apache License 2.0

[FEATURE] Admin scopes #653

Closed shurwit closed 1 year ago

shurwit commented 1 year ago

Is your feature request related to a problem? Please describe.
We currently do not have a way to restrict admin access to specific fields within a resource. We use scopes for this for service accounts.

Describe the solution you'd like
We should be able to assign admin scopes to accounts and roles to allow the restriction of admin access to certain fields. These scope resources should use the admin_ prefix to differentiate them from user granted scopes.

Describe alternatives you've considered
An alternative would be to define an authorization policy structure where these scopes could be specified for a given permission or set of permissions; however, this would require us to load these policies from the database, or an API on the Core BB for other BBs. This may still make sense to support at a future date.
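
The field-level restriction requested above, as an added Go sketch that is not part of the issue or the project's code. The scope string format `<resource>.<field>:<operation>`, the `Account` type and the `AdminView` function are assumptions made for illustration; only the `admin_` resource prefix comes from the issue.

```go
package main

import (
	"fmt"
	"strings"
)

// Account is hypothetical: scopes held directly plus scopes granted by roles.
type Account struct {
	Scopes []string
	Roles  map[string][]string // role name -> scopes
}

// AdminView returns only the fields of record that an admin_-prefixed scope
// permits for op. Assumed scope format: "<resource>.<field>:<operation>",
// with "*" matching any field. No matching admin scope means no fields.
func AdminView(a Account, resource, op string, record map[string]string) map[string]string {
	scopes := append([]string{}, a.Scopes...)
	for _, rs := range a.Roles {
		scopes = append(scopes, rs...)
	}
	allowed := map[string]bool{}
	for _, s := range scopes {
		target, sop, _ := strings.Cut(s, ":")
		res, field, ok := strings.Cut(target, ".")
		// Skip user-granted scopes (no admin_ prefix), other resources and other ops.
		if ok && sop == op && res == "admin_"+resource {
			allowed[field] = true
		}
	}
	out := map[string]string{}
	for k, v := range record {
		if allowed["*"] || allowed[k] {
			out[k] = v
		}
	}
	return out
}

func main() {
	// Constructed sample data.
	admin := Account{
		Scopes: []string{"admin_account.email:get", "account.phone:get"},
		Roles:  map[string][]string{"support": {"admin_account.name:get"}},
	}
	rec := map[string]string{"email": "a@example.com", "name": "A", "phone": "555-0100"}
	fmt.Println(AdminView(admin, "account", "get", rec))
}
```

The user-granted scope `account.phone:get` does not widen the admin view, so the prefix keeps the two grant types from being confused at check time.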