> > I propose a set of nine well-known scopes
Can you elaborate on what you mean by "well-known"? Is there some canonical list, where these were pulled from?

- Warren

On Sun, Apr 2, 2023 at 8:12 PM Clinton Bunch <cdb_i...@zentaur.org> wrote:

> This seemed the most appropriate working group to post this suggestion.
>
> I would like to see a new Internet-Draft/RFC to add some well-known
> scopes to the IANA registry to promote adoption of Oauth in Groupware
> domains. I will try to write it myself, but have no experience with
> I-Ds or as a technical writer and could use some help.
>
> Since the publication of RFC 7628 there is a push to migrate groupware
> servers to use Oauth2. This is hampered by the fact that there are
> several different server implementations and client implementations are
> often written by different organizations with little overlap. One of
> the barriers to widespread adoption is that each authorization server
> has a different set of scopes to cover the necessary user
> authorizations. One groupware client I know has only a few Auth Servers
> available that are hardcoded and nearly every one has a different set of
> scopes. Servers have to have appropriate scopes configured by the
> administrator in order for the server to know which scopes to check. It
> also makes it hard for clients to know which scopes to request without
> some sort of configuration file provided by the domain or worse, having
> the user enter the appropriate scopes by hand. The latter especially
> seems like a support headache for the admin of the groupware servers.
>
> I propose a set of nine well-known scopes be added to the Oauth URI IANA
> registry to address this.
>
> urn:ietf:params:oauth:scope:mail:read - Authorization to read email (IMAP,POP)
> urn:ietf:params:oauth:scope:mail:send - Authorization to send mail on the user's behalf (SMTP)
> urn:ietf:params:oauth:scope:mail - Combination of the previous two scopes
> urn:ietf:params:oauth:scope:calendar:read - Authorization to read calendar entries
> urn:ietf:params:oauth:scope:calendar:update - Authorization to update/create/delete calendar entries
> urn:ietf:params:oauth:scope:calendar - Combination of the previous two scopes
> urn:ietf:params:oauth:scope:contacts:read - Authorization to read contacts information
> urn:ietf:params:oauth:scope:contacts:update - Authorization to update/create/delete contact information.
> urn:ietf:params:oauth:scope:contacts - Combination of the previous two scopes
>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
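Added example, not part of either message and not code from any groupware project: a sketch of how a resource server could check the nine scopes proposed in the quoted message, expanding each combined scope into its two narrower scopes. The scope URNs are the proposed (unregistered) values from the thread; the operation names and function names are assumptions made for illustration.

```python
# Scope URNs are the ones proposed in the thread, not registered values.
PREFIX = "urn:ietf:params:oauth:scope:"

# Each combined scope stands for the two narrower scopes listed before it.
COMBINED = {
    PREFIX + "mail": {PREFIX + "mail:read", PREFIX + "mail:send"},
    PREFIX + "calendar": {PREFIX + "calendar:read", PREFIX + "calendar:update"},
    PREFIX + "contacts": {PREFIX + "contacts:read", PREFIX + "contacts:update"},
}
KNOWN = set(COMBINED) | set().union(*COMBINED.values())

# Hypothetical operation names mapped to the single scope each one needs.
REQUIRED = {
    "imap.fetch": PREFIX + "mail:read",
    "pop3.retr": PREFIX + "mail:read",
    "smtp.submit": PREFIX + "mail:send",
    "calendar.get": PREFIX + "calendar:read",
    "calendar.put": PREFIX + "calendar:update",
    "contacts.get": PREFIX + "contacts:read",
    "contacts.put": PREFIX + "contacts:update",
}


def effective_scopes(scope_param: str) -> set:
    """Expand a space-delimited scope string (RFC 6749, section 3.3).

    Matching is exact and case-sensitive. No prefix matching is done, so
    an unrecognised token never grants anything.
    """
    granted = set()
    for token in scope_param.split():
        if token in KNOWN:
            granted |= COMBINED.get(token, {token})
    return granted


def is_authorized(operation: str, scope_param: str) -> bool:
    """Deny by default: unknown operations and missing scopes both fail."""
    needed = REQUIRED.get(operation)
    return needed is not None and needed in effective_scopes(scope_param)
```

The expansion runs in one direction only: a token carrying the combined mail scope allows both reading and sending, while a token carrying only mail:read never allows sending.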