Hey,
When using the authenticate url for OAuth login, I noticed that you can *
only* have the scope urn:websignon.warwick.ac.uk:sso:service <>. Having
any other scopes results in the user being forced to re-allow the client in
question, even if the user has all ready allowed the client in the past with
the same set of scopes.
Is this intentional, or am I doing something wrong??
Thomas
Web Sign On
Web Sign On
OAuth Authenticate
You need to be logged in to post in this topic.
-
0 likes
-
Hi Thomas, That's the expected behaviour for the authenticate endpoint. Using this scope modifies the authorisation flow to look more like a regular login. You can also use a scope value of "authenticate" rather than the full websignon scope ID, though the behaviour will be the same.0 likes