I have read the IdentityServer documents and see that it aims to manage resource authorization. I want to learn whether I can use this for my enterprise API. For example, I have Finance and IT department controllers in my API. Should I create 2 scopes for them? If I do, after the login screen it will show the permissions screen, to check or uncheck the Finance and IT checkboxes. Can I hide these scopes from the user?
IdentityServer usage with enterprise applications
Asked by barteloma
Scopes model resources, and then you can configure clients to be allowed to request access to those resources. So one reason you break APIs into different scopes is so you can configure which clients can access which APIs. So if you don't want your Finance apps to access the IT APIs, then yes, sounds like those would be two different scopes.
As for showing consent to the user, you can disable the entire consent screen per-client in the Client configuration. This makes sense when it's your client app accessing your APIs on behalf of your users (IOW everything is first-party).
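The setup described in the answer above, sketched as an added example that is not part of the original answer. It assumes IdentityServer4 (v4) in-memory configuration; the client IDs, scope names, secrets and URLs are hypothetical placeholders.

```csharp
using System.Collections.Generic;
using IdentityServer4.Models;

public static class Config
{
    public static IEnumerable<IdentityResource> IdentityScopes => new IdentityResource[]
    {
        new IdentityResources.OpenId(),
        new IdentityResources.Profile(),
    };

    // One scope per API area, so access can be granted per client.
    public static IEnumerable<ApiScope> ApiScopes => new[]
    {
        new ApiScope("finance", "Finance department API"),   // hypothetical name
        new ApiScope("it", "IT department API"),             // hypothetical name
    };

    public static IEnumerable<Client> Clients => new[]
    {
        new Client
        {
            ClientId = "finance-web",                        // hypothetical first-party app
            AllowedGrantTypes = GrantTypes.Code,
            RequirePkce = true,
            ClientSecrets = { new Secret("placeholder-secret".Sha256()) },
            RedirectUris = { "https://finance.example.test/signin-oidc" },
            // Only "finance" is allowed: a request for the "it" scope is rejected.
            AllowedScopes = { "openid", "profile", "finance" },
            // First-party client: no consent screen, so no scope checkboxes.
            RequireConsent = false,
        },
        new Client
        {
            ClientId = "it-web",                             // hypothetical first-party app
            AllowedGrantTypes = GrantTypes.Code,
            RequirePkce = true,
            ClientSecrets = { new Secret("placeholder-secret".Sha256()) },
            RedirectUris = { "https://it.example.test/signin-oidc" },
            AllowedScopes = { "openid", "profile", "it" },
            RequireConsent = false,
        },
    };
}
```

Disabling consent only hides the prompt; each API controller still has to require its own scope in the access token it receives.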