Default scopes for application
We use Wundergraph (https://github.com/wundergraph/wundergraph) as our API gateway and federation solution in front of our microservices.
Unfortunately, Wundergraph does not support adding scopes to the OIDC authentication flow. Therefore, I cannot add scopes like
urn:zitadel:iam:user:resourceowner to get the organizationId (which is mandatory for our microservices. We always identify a user by his ID and companyId).
I've already opened a ticket with them to support custom scopes, but is there an option to define default scopes for an application within Zitadel so every token includes the resourceowner information?GitHub
GitHub - wundergraph/wundergraph: WunderGraph is a Backend for Fron...
WunderGraph is a Backend for Frontend Framework to optimize frontend, fullstack and backend developer workflows through API Composition. - GitHub - wundergraph/wundergraph: WunderGraph is a Backend...
5 Replies
Unknown User•12mo ago
Message Not Public
Sign In & Join Server To View
at the moment there is no option to define the default scopes for an app
Unknown User•12mo ago
Message Not Public
Sign In & Join Server To View
great
wondering whats the RFC spec for scopes , we can add app (project) roles in the token claims but how do we define scope for an app?