prosody-modules
17d9533f7596
mod_authz_delegate/README.md
Software / code / prosody-modules
File
mod_authz_delegate/README.md @ 6326:17d9533f7596
mod_http_oauth2: Reject invalid attempt to register client without credentials
The implicit flow works without a client_secret since the token is
delivered directly, but all other currently supported grant types
require client to authenticate using credentials, so it makes no sense
to not issue credentials then.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Thu, 03 Jul 2025 15:45:00 +0200 |
| parent | 5288:f61564b522f7 |
line wrap: on
line source
--- summary: Authorization delegation rockspec: {} ... This module allows delegating authorization questions (role assignment and role policies) to another host within prosody. The primary use of this is for a group of virtual hosts to use a common authorization database, for example to allow a MUC component to grant administrative access to an admin on a corresponding user virtual host. ## Configuration The following example will make all role assignments for local and remote JIDs from domain.example effective on groups.domain.example: ``` VirtualHost "domain.example" Component "groups.domain.example" "muc" authorization = "delegate" authz_delegate_to = "domain.example" ```
