How can I perform autherization with OAuth, like concpet of limited access?
For example, in calculator, some users can access only addition operation but some can access all other operations.
Usually we would recommend you do that with some metadata attached to the user - like a group or a role, that is asserted by the Identity Provider.
This lab exercise shows how you might do that with a 3-legged OAuth flow.
User | Count |
---|---|
5 | |
2 | |
2 | |
1 | |
1 |