idp.global/app
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
531909e88c36fb01399d71575dace2cade9ded38
app/stories/developer/DEV-005-oauth-client.md
T
jkunz 014fb3080a add stories
2025-11-30 15:01:28 +00:00

942 B
Raw Blame History

Register OAuth Client App

ID: DEV-005 Priority: Medium Status: Planned

User Story

As a developer, I want to register my application as an OAuth client so that users can authorize my app to access their data using standard OAuth 2.0 flows.

Acceptance Criteria

  • Register OAuth 2.0 client application
  • Support Authorization Code flow
  • Support PKCE for public clients (mobile/SPA)
  • Configure allowed scopes per client
  • Consent screen customization
  • Token endpoint for code exchange
  • Refresh token support
  • Client credentials flow for server-to-server

Technical Notes

  • OAuth keywords in package.json suggest this is planned
  • Implement OAuth 2.0 authorization server endpoints
  • Scopes: openid, profile, email, organizations
  • Consider OpenID Connect for identity layer
  • PKCE is required for mobile and SPA security

Related TODOs

  • New feature - OAuth server implementation
Reference in New Issue View Git Blame Copy Permalink