How to specify OR logic for scopes in security oauth2

Question

Hello,I have to implements a case of authentication that would accept oneOf provided scopes: OAUTH2 [scope1 OR scope2].I've try different configurations whithout success, logic AND is always taken in consideration.security:  - check: [scope1]  - check: [scope2]components:  securitySchemes:    check:      type: oauth2security:  - check: [scope1]  - check2: [scope2]components:  securitySchemes:    check:      type: oauth2    check2:      type: oauth2Any advise?Many thanks&nbsp;

hkosova · Answer

Hi&nbsp;Quam,
Your first example is the correct way to represent "scope1 OR scope2".
What do you mean by "logic AND is always taken in consideration"?

quam · Answer

Thanks for replying&nbsp;HKosova&nbsp;Looks like with that implementation, the only way to be authorized is to provide a token with both scopes Scope1, Scope2.Unless I'm always getting 403

hkosova · Answer

This sounds like an issue with your server-side framework or OAuth library - maybe it doesn't support OpenAPI OR logic. Check the documentation on your framework/library, and if you don't find an answers there, file a ticket with them for further support.

Forum Discussion

How to specify OR logic for scopes in security oauth2

3 Replies

Recent Discussions

Registry API issue

Kots Admin Console not installing

Unable to Add product to portal and unsure why.

Related Content

User scope in TestComplete

log4j security vulnerability

[Solved] SSL Handshake exception calling a secure webservice