DEV Community

Ramiro for Auth0

Posted on • Edited on • Originally published at auth0.com

On The Nature of OAuth2’s Scopes

Scopes only come into play in delegation scenarios, and always limit what an app can do on behalf of a user: a scope cannot allow an application to do more than what the user can do.

Auth0 Principal Architect Vittorio Bertocci on why you shouldn’t use OAuth2 scopes for every authorization scenario.

Read on 🧙🏻‍♂️

On The Nature of OAuth2’s Scopes

Top comments (0)