Scopes for application tokens #4300
Description
Allow authentication tokens to be limited in scope. Maybe something like GitHub:
https://developer.github.com/apps/building-oauth-apps/understanding-scopes-for-oauth-apps/
Metadata
Metadata
Assignees
Labels
Type
Projects
Milestone
Relationships
Development
Participants
Activity
stale commentedon Jan 22, 2019
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs during the next 2 weeks. Thank you for your contributions.
randomchance commentedon Jan 9, 2020
This would be pretty nice to have, especially for build authorizations.
mpfaff commentedon May 3, 2020
Are there any plans for this? I don't feel comfortable at all with giving every app full access to my Gitea account.
mcansky commentedon May 7, 2020
what can we do to help for this ?
lunny commentedon May 7, 2020
Send a PR. :)
Jean-Baptiste-Lasselle commentedon Nov 18, 2020
All scopes support in one PR? you made me sincerely laugh ^^ , nevertheless, it would really be awesome to have the concept of Oauth Apps onto gitea,making it it a real social platform
Coding-Kiwi commentedon Jan 4, 2021
If I understand correctly, if I currently authorize an app it can use that oauth access_token to make a request to
/users/{username}/tokensto generate an unlimited, non-expiring access token which then renders the whole oauth expiry/refresh logic useless.EDIT: nope, the
/users/{username}/tokensrequires basic auth. Scopes would be awesome nonthelessMorriz commentedon Apr 26, 2022
bump...any updates? Or other pointers as to where the oidc jwt claims can be got via api? That way we can do our own management on users, teams and groups/role mappings.
cayolblake commentedon Oct 8, 2022
It's a sad show stopper for many use cases preventing the usage of Gitea altogether.