custom scopes based on application

Question

I am trying to define different scopes for each oauth application in Django-oauth-toolkit. I realized I can define different scopes on the settings file. But it seems that they apply to every new oauth-application I create.

OAUTH2_PROVIDER = {
    'SCOPES': {
        'read': 'Read scope',
        'write': 'Write scope',
        'custom': 'Custom scope.'
    },

Is there a way to define scopes for a particular oauth-application?

score 0 · Accepted Answer · answered Aug 24 '21 at 14:20

When the scopes need to differ they must be included in the request to get an access token as specified here.

So basically the request to get an access token should look like:

http://127.0.0.1:8000/o/authorize/?response_type=code&client_id=CLIENT_ID&redirect_uri=http://127.0.0.1:8000/noexist/callback&scope=write+custom

custom scopes based on application

1 Answers1