OC_SECRET is no longer available and has been replaced by EdDSA signatures.
JWT tokens do not contain scopes or capabilities directly. Instead, they map to a subject, which identifies an account. This account holds relations to API token entities that have their scopes configured in the database.
OC_SECRET is no longer available and has been replaced by EdDSA signatures.
JWT tokens do not contain scopes or capabilities directly. Instead, they map to a subject, which identifies an account. This account holds relations to API token entities that have their scopes configured in the database.