prosody-modules
3eb0255b41b3
mod_http_oauth2/README.md
Software / code / prosody-modules
Comparison
mod_http_oauth2/README.md @ 6342:3eb0255b41b3
mod_http_oauth2: Update README to mention XEP-0493
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Tue, 15 Jul 2025 23:06:10 +0200 |
| parent | 6317:8108aec64fb9 |
| child | 6343:6f4469d97349 |
comparison
equal
deleted
inserted
replaced
| 6341:3f0970babd67 | 6342:3eb0255b41b3 |
|---|---|
| 273 | 273 |
| 274 ### Scopes | 274 ### Scopes |
| 275 | 275 |
| 276 OAuth supports "scopes" as a way to grant clients limited access. | 276 OAuth supports "scopes" as a way to grant clients limited access. |
| 277 | 277 |
| 278 There are currently no standard scopes defined for XMPP. This is | 278 [XEP-0493: OAuth Client Login] describes using OAuth 2.0 / OpenID Connect with XMPP. |
| 279 something that we intend to change, e.g. by definitions provided in a | 279 This module does not yet support [the scopes defined](https://xmpp.org/extensions/xep-0493.html#oauth-scopes). |
| 280 future XEP. This means that clients you authorize currently have to | 280 This means that clients you authorize currently have to |
| 281 choose between unrestricted access to your account (including the | 281 choose between unrestricted access to your account (including the |
| 282 ability to change your password and lock you out!) and zero access. So, | 282 ability to change your password and lock you out!) and zero access. So, |
| 283 for now, while using OAuth clients can prevent leaking your password to | 283 for now, while using OAuth clients can prevent leaking your password to |
| 284 them, it is not currently suitable for connecting untrusted clients to | 284 them, it is not currently suitable for connecting untrusted clients to |
| 285 your account. | 285 your account. |
