Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

OAuth Levels for App Passwords #1072

Open
TheRipperoni opened this issue Jul 28, 2023 · 0 comments
Open

OAuth Levels for App Passwords #1072

TheRipperoni opened this issue Jul 28, 2023 · 0 comments
Labels
feature-request A request for a new feature x:on-the-roadmap We're planning to do this but it may be a bit

Comments

@TheRipperoni
Copy link

Is your feature request related to a problem? Please describe.

As Bluesky is growing, app passwords are only becoming more commonly used for external services. This opens up risk as those services themselves have their own trust concerns, but also vulnerability of hacks, bad logging patterns, and more.

Describe the solution you'd like

A manner to set the authorization scope level for a given app password to prevent the risk of having an app password taken to then be used for means it was not intended

Describe alternatives you've considered

Being able to set app passwords to only be authorized for specific host origins

Additional context

I noticed that when calling custom feeds bearer tokens are already implemented so thought this may not be too complicated an ask

@TheRipperoni TheRipperoni added the feature-request A request for a new feature label Jul 28, 2023
@pfrazee pfrazee added the x:on-the-roadmap We're planning to do this but it may be a bit label Aug 2, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
feature-request A request for a new feature x:on-the-roadmap We're planning to do this but it may be a bit
Projects
None yet
Development

No branches or pull requests

2 participants