Re: Tenancy in OAuth (Vladimir Dzhuvinov)
>
>
> ------
>
> Message: 1
> Date: Tue, 12 Jan 2021 16:13:26 -0500
> From: Justin Richer
> To: Jaap Francke
> Cc: "oauth@ietf.org&quo
---
Message: 1
Date: Tue, 12 Jan 2021 16:13:26 -0500
From: Justin Richer
To: Jaap Francke
Cc: "oauth@ietf.org"
Subject: Re: [OAUTH-WG] Tenancy in OAuth
Message-ID:
Content-Type: text/plain; charset="utf
Hello Jaap,
Justin made a good overview of the available OAuth facilities when
dealing with multiple resource servers or resource server tenants.
If you have control over the resource server, i.e. the token validation
is going to happen in one place, then you have plenty of freedom to find
out wh
Hi Jaap,
There have been a number of efforts to address this kind of thing in the OAuth
world. You can definitely use a special scope to encode this value, which has
the benefit of fitting into the implementation limitations of nearly all OAuth
systems out there. The “resource” parameter can al
Hi,
I’m looking into the topic of tenancy. A multi-tenant service can be considered
as an OAuth Resource Server managing resources of different tenants.
An AS makes authorization decisions and communicates these using scopes, so one
way would be to ‘encode’ the tenant into the scope values.
Anot