Allow use of unauthorized OAuth clients by collaborators #49
Labels
c/identity server
This is related to the Identity Server
Comments
johanstokking
added
c/identity server
|
With #5414 landing in The Things Stack we can expect an increase in requests for OAuth client approvals. Since many of those clients will initially only be used for development (and not for use by the larger community) I think we should re-prioritize this issue so that we can make it easier for users to get started with developing OAuth clients without having to wait for admin approval. cc: @NicolasMrad |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Summary:
We should allow collaborators of OAuth clients to use those clients before they are approved.
Why do we need this?
Would be very helpful for development.
What is already there? What do you see now?
Regular OAuth flow that rejects requests for "REQUESTED" clients.
What is missing? What do you want to see?
Before rejecting the request based on REQUESTED state, check if the current user collaborates on the OAuth client and then still allow the authorization.
How do you propose to implement this?
As described above, altough we should probably discuss the consequences first. Especially considering that you could add anyone as collaborator on the Client without them having to approve their membership.
Original issue: https://github.com/TheThingsIndustries/lorawan-stack/issues/1414 by @htdvisser
The text was updated successfully, but these errors were encountered: