[IPP] Example value for "oauth-authorization-scope"?

[IPP] Example value for "oauth-authorization-scope"?

Michael Sweet msweet at msweet.org
Thu Apr 28 15:33:26 UTC 2022


Smith,

> On Apr 28, 2022, at 11:19 AM, Kennedy, Smith (Wireless & IPP Standards) via ipp <ipp at pwg.org> wrote:
> 
> Signed PGP part
> Greetings,
> 
> HP is curious what types of values a Client might expect to find supplied by the "oauth-authorization-scope" Printer Description attribute registered in May 2019:
> 
> https://ftp.pwg.org/pub/pwg/ipp/registrations/ippwg-oauth-authorization-scope-20190521.txt
> 
> The registration talks about roles, such as User or Administrator. Is this the only range of information that a Client might encounter provided by this attribute? Or could it be more granular, like allowed operations, etc.? Looking at this page that points to the RFC and some examples, it seems like it could be application-specific: https://oauth.net/2/scope/

It *is* application-specific, but I would expect the scope(s) to specify a role or functionality supported by the OAuth server.  I wouldn't expect it to be as fine-grained as individual IPP operations, but I can see admin/operator/user scopes for the Printer, much as Github exposes different scopes for read-only, read-write, and administrative access to repositories and organizations, in addition to scopes for access to contact/profile information.

________________________
Michael Sweet



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://www.pwg.org/pipermail/ipp/attachments/20220428/f97cfb1d/attachment.sig>


More information about the ipp mailing list