OAuth 2.0 (RFC 6749) is a great authorization framework but it leaves much up to the imagination. Luckily, there are numerous extensions that expand, explain, and clarify the basic capabilities to build a robust and powerful suite of standards. That said, there’s one unobviously complex area which gets little attention: Scopes. What is an OAuth Scope? […]