Which are the scopes that i can add in OAuth Client app in Integration?
As of right now, I think the only working scopes are “all” and “openid”
You can get more info on this thread: OAuth 2 provider for Frappe Apps - #14 by Pau_Rosello_Van_Scho
As you can see I have plans to improve it but I don’t know when I will be able to fix it
Can you explain me what is mean by “all” and “openid”?
If specify only “all” which scopes are accessible to user and If specify only “openid” which scopes are accessible to user?
any string in scope will give you same access token. e.g. all, project, abc, xyz, pqr etc.
there is no restriction on resource. access token will have all permissions user has.
If you use scope openid
access token json will also have “id_token” i.e it’ll return jwt which can be decoded using HS265
algorithm and client_secret
the id_token when decoded will result into following:
{
"aud": client_id,
"exp": expiration_time,
"sub": frappe_userid of User,
"iss": frappe_server_url,
"at_hash": (access_token, hashlib.sha256)
}