
Words about scopes and things #2

Open
wants to merge 1 commit into
base: main

aarondandy
Contributor

I made some more words about scopes and some other stuff that seemed like a good idea to change.

aarondandy added the enhancement (New feature or request) label Dec 5, 2023
aarondandy requested a review from jglinsek December 5, 2023 15:54
aarondandy self-assigned this Dec 5, 2023
2. The second is an access token for rare single sign-on integrations where the subject is a user, and it doubles as an identity token using a JWT format.
Different kinds of tokens in different formats for different contexts can be issued through the user interface and the OAuth endpoints. The following are examples of different scenarios:

- OAuth API tokens providing access to one or more tenants.
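Review bot: In item 2, the sentence says the access token "doubles as an identity token using a JWT format" but does not say which party is meant to consume it in each role. Since one token is being described as serving both API access and identity, a sentence naming who validates it for each use would help integrators. The scenario list that follows could also state which token format each scenario produces, since the paragraph above it promises "different formats for different contexts".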
Contributor Author

I feel like this section can be unified with the section above. It seems weird broken apart like this.


A much more secure, scalable, and user-friendly workflow to generate refresh tokens and short-lived access tokens is through the OAuth authorization code flow. These tokens provide scoped access to one or more rezCloud tenants, and contain no information embedded within them. When multiple tenants are available to a user during the authorization process, the user can select which tenant or tenants will be the subject for the integration authorization and resulting token. After an integration is approved, the standard authorization code flow process takes place and can be used to generate a refresh token and/or access token.

When initiating an authorization request, scope must be provided. A list of supported scopes can be found in the /.well-known/openid-configuration document. An example of scopes for an API integration might be `offline_access folio:view` which would request approval to access reservation data and also permit refreshing the granted token.
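Review bot: In the scopes paragraph, the example `offline_access folio:view` is explained in the reverse order of the scopes ("access reservation data and also permit refreshing the granted token"), and the text never says which scope grants which permission. Suggest spelling out that `offline_access` is the scope that permits refreshing and `folio:view` is the one covering the reservation data, so a reader does not drop `offline_access` and then wonder why no refresh token is issued. The path /.well-known/openid-configuration should also get the same code formatting the scope example has.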
Contributor Author

"scopes must be provided"
"also permit refreshing the granted access token"
