Because what I think when we put scope in OAuth. It means that everytime we define scope: create_user, read_user, update_user, delete_user (let's say we have big module). We need to retrieve from OAuth to process all that information which is not efficient.
I always thinking that OAuth only need to be use for getting the token and refresh token. While security role is defined in the application it self to process the business logi..
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Because what I think when we put scope in OAuth. It means that everytime we define scope: create_user, read_user, update_user, delete_user (let's say we have big module). We need to retrieve from OAuth to process all that information which is not efficient.
I always thinking that OAuth only need to be use for getting the token and refresh token. While security role is defined in the application it self to process the business logi..