Started my career building mobile apps (before it was cool!). Have worked in Amazon, Fermyon and AuthZed. I enjoy coding, creating content, public speaking and community building.
OAuth scopes face the same problems as pre-canned roles: sometimes they're not fine-grained enough, and if you just do one-scope-per-thing that can be done, your scope list gets too big to store and manage effectively.
Here's a real-world example: You have a scope for an Admin role. Now suppose you need a billing-admin (only change billing settings), or auditor (see everything, do nothing), or an assistant (federate access, do nothing)... you get my drift.
Eventually user-defined roles really break the OAuth paradigm.