Reputation: 612
How to create one FusionAuth application with many oauth clients with scopes
I want to have a main application where all users are registered and create many oauth clients with limited scopes to access user data.
I tried to solve this with applications, but it seems that them don't know about each other.
Is this possible with fusion auth? If so, how can I implement that.
Upvotes: 1
Views: 406
Answers (2)
Reputation: 4978
You can create as many applications as you want. User grants of custom OAuth scopes are not fully implemented, as mentioned in that GitHub issue.
You could work around that by creating an application for each type of access, or by using roles within an application. If you had a blog, for example, you could create an admin role, an editor role, a contributor role, and a subscriber role. You could use a lambda to assign the roles to the JWT ( see example here: https://fusionauth.io/community/forum/topic/281/implementing-a-role-based-access-system-for-authorization/2 ).
Then your application could examine roles in the JWT and provide appropriate access.
Hope that helps. Feel free to respond here or in the forum if you'd like to discuss further.
Upvotes: 0
Related Questions
- OAuth2 Architecture with 2 Resource Servers having their own Different Scopes
- Implementing OAuth 2 in a multi-tenant application using dynamic scopes
- Multi tenant OAuth with FusionAuth
- How can I restrict user login/authetication access to specific applications within a single tenant?
- Multi-tenant authorization wth FusionAuth
- Oauth 2.0 - Single resource server but multiple client applications
- How to selectively add scopes for Google Apps accounts
- OAuth 2.0 Authentication Server with multiple Resource Servers
- How to authenticate the same user on multiple clients using OAuth2?
- OAuth 2.0 multiple scopes (client credentials case)