[OPENAM-11032] Need an option to limit, allow or deny OAuth2.0 flows per application Created: 12/Apr/17 Updated: 17/Jul/18 Resolved: 17/Jul/18
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Epic Link: OAuth2 per-client configuration
Support Ticket IDs:
Need an option in the agent configuration page to allow or deny each of the 4 flows (authorization code, resource owner password credentials, client credentials, implicit grant). Only the chosen flows should be available to those agents/applications. Customers would like to enforce that some set of applications always use the authorization code grant, and block them from using the password credentials grant.
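The enforcement the ticket asks for, as an added example that is not OpenAM's code: each registered client carries an allow-list of flows, and both the token endpoint and the authorization endpoint refuse a request whose grant_type or response_type maps to a flow outside that list, answering with the RFC 6749 error codes (unauthorized_client, unsupported_grant_type, unsupported_response_type). The client IDs, the registry and the request values are constructed for illustration. Checking at the authorization endpoint alone is not enough, because the password and client credentials grants go straight to the token endpoint and never present a response_type; the token-endpoint check is what blocks them.

```python
"""Per-client allow-list of OAuth 2.0 flows, the enforcement OPENAM-11032 asks for.

Added example, not OpenAM code. The client registry, client IDs and request
values below are constructed for illustration. Error codes follow RFC 6749 §5.2
(token endpoint) and §4.1.2.1 / §4.2.2.1 (authorization endpoint).
"""
from dataclasses import dataclass

# The four flows named in the ticket. Three of them present a grant_type to the
# token endpoint (RFC 6749 §4.1.3, §4.3.2, §4.4.2); the implicit grant never
# reaches the token endpoint and is selected at the authorization endpoint by
# response_type=token (§4.2.1). Refresh-token and extension grants are omitted.
FLOWS = frozenset({"authorization_code", "implicit", "password", "client_credentials"})
TOKEN_ENDPOINT_GRANTS = frozenset({"authorization_code", "password", "client_credentials"})
RESPONSE_TYPE_TO_FLOW = {"code": "authorization_code", "token": "implicit"}


@dataclass(frozen=True)
class Client:
    client_id: str
    allowed_flows: frozenset  # per-client setting; must be a subset of FLOWS

    def __post_init__(self):
        unknown = self.allowed_flows - FLOWS
        if unknown:
            raise ValueError(f"unknown flow(s) in client config: {sorted(unknown)}")


# Constructed registry: a confidential web app pinned to the authorization code
# grant, a browser SPA allowed only the implicit grant, and a back-end daemon
# allowed only client credentials.
CLIENTS = {
    "web-app": Client("web-app", frozenset({"authorization_code"})),
    "spa": Client("spa", frozenset({"implicit"})),
    "daemon": Client("daemon", frozenset({"client_credentials"})),
}


def _error(code, description):
    # Shape of an RFC 6749 §5.2 error body (application/json).
    return {"error": code, "error_description": description}


def check_token_request(clients, client_id, grant_type):
    """Gate a token-endpoint request. Returns None when the client may use
    grant_type, otherwise an error body (the caller answers HTTP 400, or 401
    for invalid_client)."""
    client = clients.get(client_id)
    if client is None:
        return _error("invalid_client", "unknown client_id")
    if grant_type not in TOKEN_ENDPOINT_GRANTS:
        return _error("unsupported_grant_type", f"grant_type {grant_type!r} not supported")
    if grant_type not in client.allowed_flows:
        # §5.2: "The authenticated client is not authorized to use this
        # authorization grant type."
        return _error("unauthorized_client",
                      f"client {client_id!r} may not use grant_type {grant_type!r}")
    return None


def check_authorization_request(clients, client_id, response_type):
    """Gate an authorization-endpoint request the same way, so a client pinned
    to the code grant cannot sidestep it by requesting response_type=token."""
    client = clients.get(client_id)
    if client is None:
        # Unknown client: no redirect URI can be trusted, so the server renders
        # an error page instead of redirecting (§4.1.2.1).
        return _error("invalid_request", "unknown client_id")
    flow = RESPONSE_TYPE_TO_FLOW.get(response_type)
    if flow is None:
        return _error("unsupported_response_type",
                      f"response_type {response_type!r} not supported")
    if flow not in client.allowed_flows:
        return _error("unauthorized_client",
                      f"client {client_id!r} may not use response_type {response_type!r}")
    return None


if __name__ == "__main__":
    # The case from the ticket: a web app that must always use the code grant
    # is refused when it tries the password grant.
    print(check_token_request(CLIENTS, "web-app", "password"))
    print(check_token_request(CLIENTS, "web-app", "authorization_code"))
```

Both checks return None on success so the caller can continue with normal processing, and an error body otherwise; the token endpoint sends that body with HTTP 400 (401 for invalid_client), while the authorization endpoint appends it to the redirect URI only after the client and its redirect URI have been validated.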
Comment by Andy Hall [10/Oct/17]:
Kamal Sivanandam: Could this be achieved by removing the response type plugins for the OAuth2 Provider Service, or the supported response types on the OAuth2 client?
Comment by Joe Starling [24/Nov/17]:
The spec references this as a potential error response to the resource owner password flow, which could suggest that the authorization server should somehow be aware of which flows a particular client is authorized to use (or, that some authz servers can outright deny certain grant types...)
Comment by Nicolas Guichard [X] (Inactive) [25/Nov/17]:
Hello, I believe the correct error code regarding this issue is: