Forum Discussion

New Contributor

3 years ago

How to specify OR logic for scopes in security oauth2

Hello, I have to implements a case of authentication that would accept oneOf provided scopes: OAUTH2 [scope1 OR scope2]. I've try different configurations whithout success, logic AND is always take...

HKosova

SmartBear Alumni (Retired)

3 years ago

Hi Quam,

Your first example is the correct way to represent "scope1 OR scope2".

What do you mean by "logic AND is always taken in consideration"?

Quam
New Contributor
3 years ago
Thanks for replying HKosova
Looks like with that implementation, the only way to be authorized is to provide a token with both scopes Scope1, Scope2.
Unless I'm always getting 403
- HKosova
  SmartBear Alumni (Retired)
  3 years ago
  This sounds like an issue with your server-side framework or OAuth library - maybe it doesn't support OpenAPI OR logic. Check the documentation on your framework/library, and if you don't find an answers there, file a ticket with them for further support.

Recent Discussions

Help me solve this error
8 days agokj20nt
How do I bypass the Available authorizations dialog?
12 days agobenalabaster
Last-Modified header is invalid: api.swaggerhub.com
12 days agoszepeviktor
Creating SWAGGER File
16 days agoprogrammer_j
Referencing path parameters declared in Domains
Solved
21 days agotobyclements

Forum Discussion

How to specify OR logic for scopes in security oauth2

Related Content

log4j security vulnerability

User scope in TestComplete

Improvement suggestions for property scoping

[Solved] SSL Handshake exception calling a secure webservice

ReadyAPI Security Test Duration ???

Recent Discussions

Help me solve this error

How do I bypass the Available authorizations dialog?

Last-Modified header is invalid: api.swaggerhub.com

Creating SWAGGER File

Referencing path parameters declared in Domains