Skip to content

Inconsistent OAuth scopes between Data Browser and Azul Swagger UI #5095

New issue
New issue
Open
Bug
Open
Inconsistent OAuth scopes between Data Browser and Azul Swagger UI#5095
Bug
Labels
-[priority] Mediumauthorization[subject] Enforcing of access controlsdebt[type] A defect incurring continued engineering costgroomed[process] Issue was recently looked at during backlog groomingorange[process] Done by the Azul teamservice[subject] The service part of Azul
@hannes-ucsc

Description

@hannes-ucsc
hannes-ucsc
opened on Mar 29, 2023

DB uses https://www.googleapis.com/auth/userinfo.email, https://www.googleapis.com/auth/userinfo.profile and openid. Swagger UI only uses only https://www.googleapis.com/auth/userinfo.email.

I've been getting mixed messages from Broad folks which scopes are actually necessary.

The three used by the DB seem fairly standard and don't require app validation by Google so why not use them for the Swagger UI, too.

Solve together with #4338.

Metadata

Metadata

Assignees

No one assigned

    Labels

    -[priority] Mediumauthorization[subject] Enforcing of access controlsdebt[type] A defect incurring continued engineering costgroomed[process] Issue was recently looked at during backlog groomingorange[process] Done by the Azul teamservice[subject] The service part of Azul

    Type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions