Uploaded image for project: 'GPII - Global Public Inclusive Infrastructure'
  1. GPII - Global Public Inclusive Infrastructure
  2. GPII-2662

Remove OAuth support for authorization code grant and client credentials grant

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Security and Privacy
    • Labels:
      None

      Description

      Based on the discussion in this mailing thread and the meeting afterwards, the decision is to remove:
      1. OAuth2 authorization code grant for supporting web preferences consumers;
      2. OAuth2 client credentials grant for supporting privileged preferences creators;
      3. Web UIs where users login to define privacy profiles for web preferences consumers and onboarded solutions;
      4. privacy filtering for both web preferences consumers and onboarded solutions, as well as the special handling for anonymous tokens.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              cli@ocad.ca Cindy Qi Li
              Reporter:
              cli@ocad.ca Cindy Qi Li
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: