-
Type:
New Feature
-
Status: Closed
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: V4.01_CS02
-
Fix Version/s: None
-
Component/s: Vocabularies
-
Labels:None
-
Resolution:
Our Authorizations vocabulary describes multiple different authentication flows and the scopes that can be requested for each flow.
What is missing is a way of documenting which resources/properties are available given a particular scope.
This would allow documentation to be generated that tells the client/app which scopes they need to request in order to access certain resources.
OData-884 and OData-1145 attempt to align with OpenAPI by describing operations supported, and necessary headers, parameters, and permissions required to invoke those operations. However, we have moved away from OData-884, which uses a more operation-centric approach, to something that aligns with our capabilities. In doing so, we need a way to specify what permissions are required to access a particular resource (or properties within a resource).