Ciao Nicola,
I was wondering: is there a way to associate a client_id with a specific endpoint?
Example:
Tokens created with client_id d1p4Kg7bS7M90XrseVeHa37lfAGCj8YgicVHlO93 are authorized to request just the https://api.website.com/people/ endpoint and nothing else. If a token created with another client_id requests the people endpoint a 401 error is returned.
I see that in the clients mongo collection there's a default_scope field which is always empty and in the tokens collection there's a scope field which is also always empty.
In your code I see that these scopes are empty by default and never gets filled with some value.
Maybe this code and field was a preparation for a future development?
Thank you in advance!
Andrea
Ciao Nicola,
I was wondering: is there a way to associate a client_id with a specific endpoint?
Example:
Tokens created with client_id
d1p4Kg7bS7M90XrseVeHa37lfAGCj8YgicVHlO93are authorized to request just thehttps://api.website.com/people/endpoint and nothing else. If a token created with another client_id requests thepeopleendpoint a 401 error is returned.I see that in the
clientsmongo collection there's adefault_scopefield which is always empty and in thetokenscollection there's ascopefield which is also always empty.In your code I see that these scopes are empty by default and never gets filled with some value.
Maybe this code and field was a preparation for a future development?
Thank you in advance!
Andrea