The scope property of a (personal access) token introspection includes already removed roles/grants.
Hello All,
I've been experimenting with ZITADEL for a few days and found it absolutely great, but I've run into an issue that I was not able to debug, so looking for help: I'm using Basic auth API to introspect a system user's personal access token and besides validating it's
Thanks,
Gergely
I've been experimenting with ZITADEL for a few days and found it absolutely great, but I've run into an issue that I was not able to debug, so looking for help: I'm using Basic auth API to introspect a system user's personal access token and besides validating it's
active, also looking for a specific scope -- the problem is when I remove that grant/role authorization for the system user, it's still showing up in the list of scope. Any pointers why is that? The related urn:zitadel:iam:org:project:roles property and urn:zitadel:iam:org:project:***:roles get removed, but the actual scope property is not udpated.Thanks,
Gergely
