Forum Discussion

New Contributor

4 years ago

How to specify OR logic for scopes in security oauth2

Hello, I have to implements a case of authentication that would accept oneOf provided scopes: OAUTH2 [scope1 OR scope2]. I've try different configurations whithout success, logic AND is always take...

HKosova

SmartBear Alumni (Retired)

Hi Quam,

Your first example is the correct way to represent "scope1 OR scope2".

What do you mean by "logic AND is always taken in consideration"?

Quam

New Contributor

4 years ago

Thanks for replying HKosova

Looks like with that implementation, the only way to be authorized is to provide a token with both scopes Scope1, Scope2.

Unless I'm always getting 403

HKosova
SmartBear Alumni (Retired)
4 years ago
This sounds like an issue with your server-side framework or OAuth library - maybe it doesn't support OpenAPI OR logic. Check the documentation on your framework/library, and if you don't find an answers there, file a ticket with them for further support.

Recent Discussions

3.1.0 Editor exports inlined?
11 days ago
Dimitar
Error exporting Standardization rules
20 days ago
bjolletz
Import API using API endpoint with Authorization
24 days ago
wijetnga
Having issue with 'should NOT have additional properties additionalProperty: responses'
2 months ago
jamesfloyd
Error 400 - Bad Request
2 months ago
pedromontaldo

Forum Discussion

How to specify OR logic for scopes in security oauth2

Related Content

log4j security vulnerability

User scope in TestComplete

Scope of Data-Driven Loop Table Variable

[Solved] SSL Handshake exception calling a secure webservice

Improvement suggestions for property scoping

Recent Discussions

3.1.0 Editor exports inlined?

Error exporting Standardization rules

Import API using API endpoint with Authorization

Having issue with 'should NOT have additional properties additionalProperty: responses'

Error 400 - Bad Request