This message was deleted.

looks like the fosite link goes to hydra

ha, nice find - thanks!

this is a lot of great information, thank you!

you’re welcome, thank you for providing feedback 🙂 got it, i think the idea behind having it as the last item was to first explain the difficulties and then draw from those explanations (because now they should be obvious) and provide some easy things people can say

Great read! Only a few spelling & grammatical errors

Thank you Omar! If you want, you can make a PR for this document 🙂 I would highly appreciate it! https://github.com/ory/web/blob/master/src/markdown/blog/oauth2-use-cases-examples.mdx

Sure thing!

thank you!!

Sorry it took so long. Our release partner at work needed help, so had to take care of that https://github.com/ory/web/pull/503

Excellent article! I think I need to read this a couple of times to completely digest all the material that is covered 😃 I like the “scopes are not permissions” part. At my company we are planning to use Kratos OSS for Identity management. However we have different teams developing different “services” with their own user profiles. What we wanted was a core Identity Management Platform for managing user authentication and authorization from different services. So we decided to let Kratos manage only the email and password of each service and use Ory Hydra on top of Kratos. We decided to use “scope” to manage the service "scope” i.e. to identify the service that the user is allowed to login to because we wanted to keep service scope out of the user profiles. Would like your opinion on this 🙏🏽

what you're looking for is not the scope, but the audience

Ah! That makes a lot of sense. Thank you 🙏 I always wondered what role “audience” played and got that “Aha”moment now 😀

nice .)

And this makes sense too… awesome! https://www.ory.sh/hydra/docs/advanced/#audience Setting the audience actually removes a lot of headaches from them implementation side… 😃