Uploaded image for project: 'GPII - Global Public Inclusive Infrastructure'
  1. GPII - Global Public Inclusive Infrastructure
  2. GPII-2662

Remove OAuth support for authorization code grant and client credentials grant

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Security and Privacy
    • Labels:
      None

      Description

      Based on the discussion in this mailing thread and the meeting afterwards, the decision is to remove:
      1. OAuth2 authorization code grant for supporting web preferences consumers;
      2. OAuth2 client credentials grant for supporting privileged preferences creators;
      3. Web UIs where users login to define privacy profiles for web preferences consumers and onboarded solutions;
      4. privacy filtering for both web preferences consumers and onboarded solutions, as well as the special handling for anonymous tokens.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                cli@ocad.ca Cindy Qi Li
                Reporter:
                cli@ocad.ca Cindy Qi Li
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: