Claim

March 30, 2024 | seedling, permanent

In OAuth2

Definition

Scope vs Claim

ref

  • Claims are assertions that one subject (e.g. a user or an Authorization Server) makes about itself or about another subject, such as a user.

  • Scopes are groups of claims.

  • Another way of looking at scopes and claims is that scopes sit more at the client level (mobile application or SPA).

  • The client requests consent for a given scope, and the Authorization Server can limit which clients can request which scopes.

  • Claims sit more at the identity or user level.

  • They are pieces of information about the identity itself.

  • Scopes give you a coarser form of access control, which can be easily implemented at the API Gateway.

  • Together with claims, they can be used for fine-grained authorization control of both the user and the client, which is usually done by the API.

  • Scopes are groups of claims.

ref: youtube
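
The split described above, as an added example that is not from the referenced sources: a coarse scope check at the gateway followed by a fine-grained claim check in the API. It assumes the token's signature, issuer, audience and expiry were already verified; the route table, the "tenant" and "roles" claim names and the sample data are constructed for illustration.

```python
# Added example. Assumes signature, issuer, audience and expiry were already
# verified upstream, so `token` is a trusted dict of claims.
# Route table, "tenant"/"roles" claim names and sample data are constructed.

# Gateway layer (coarse): route -> scope the client must have been granted.
ROUTE_SCOPES = {
    ("GET", "/invoices"): "invoices:read",
    ("POST", "/invoices"): "invoices:write",
}

def granted_scopes(token):
    # The scope value is a space-delimited string (RFC 6749, section 3.3).
    return set((token.get("scope") or "").split())

def gateway_allows(method, path, token):
    required = ROUTE_SCOPES.get((method, path))
    # Deny by default: a route with no mapping is never forwarded.
    return required is not None and required in granted_scopes(token)

def api_allows(token, invoice):
    # API layer (fine-grained): claims about the user decide per-object access.
    if token.get("tenant") != invoice["tenant"]:
        return False
    is_owner = token.get("sub") == invoice["owner"]
    return is_owner or "auditor" in token.get("roles", [])

def authorize(method, path, token, invoice):
    # Both layers must agree; a valid scope alone does not grant the object.
    return gateway_allows(method, path, token) and api_allows(token, invoice)

# Constructed sample tokens and resource.
ALICE = {"sub": "alice", "scope": "openid invoices:read", "tenant": "acme", "roles": []}
BOB = {"sub": "bob", "scope": "openid invoices:read", "tenant": "acme", "roles": []}
AUDITOR = {"sub": "carol", "scope": "invoices:read", "tenant": "acme", "roles": ["auditor"]}
OUTSIDER = {"sub": "dave", "scope": "invoices:read", "tenant": "other", "roles": ["auditor"]}
INVOICE = {"id": 17, "owner": "alice", "tenant": "acme"}

if __name__ == "__main__":
    for name, tok in [("alice", ALICE), ("bob", BOB), ("auditor", AUDITOR), ("outsider", OUTSIDER)]:
        print(name, authorize("GET", "/invoices", tok, INVOICE))
```

Bob passes the gateway because his client holds the invoices:read scope, but the API rejects him because his claims do not make him the owner or an auditor of that invoice.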

