Grant Management: deletion of grant elements

Issue #284 resolved

Torsten Lodderstedt created an issue 2020-03-21

The draft currently only describes revocation of a whole grant. It might be desirable to delete/revoke only parts (scope values, authorization details objects, resources, claims).

Comments (8)

Torsten Lodderstedt reporter
- changed component to Grant Management
- 2020-03-23T11:31:23+00:00
Stuart Low
Isn’t this solved by the replace mode? I suspect that modification of a grant to effectively “downgrade” authorisations should require a authorise call?
- 2020-03-25T14:49:46+00:00
Dima Postnikov
Adding Vladimir Dzhuvinov’s feedback via the mailing list:

“Back then I stated there is value in enabling fine-grained revocation of individual scope values and OIDC claims. Incidentally I was discussing a use case that same week which can benefit from this... I hope the perceived difficulty in devising a nice mgmt API for this won't put you off this :)”
- 2020-03-28T12:39:48+00:00
Torsten Lodderstedt reporter
@Vladimir Dzhuvinov could you share more insights about the mentioned use case? The draft currently would support partial removal by replacing the grant content (as pointed out by Stuart above). We would like to understand whether this is sufficient for your use case.
- 2021-06-07T13:11:42+00:00
Vladimir Dzhuvinov
The original use case evolved, but I believe the “replace” action will do just fine in this case (once it gets completed).

Thanks!

‌
- 2021-06-14T07:45:46+00:00
Stuart Low
- assigned issue to
  
  Stuart Low
- 2021-06-15T10:20:56+00:00
Stuart Low
Pending update and merge of https://bitbucket.org/openid/fapi/pull-requests/266
- 2021-06-15T10:21:25+00:00
Dima Postnikov
- changed status to resolved
PR merged
- 2021-06-16T14:50:47+00:00
Log in to comment

Assignee: Stuart Low

Type: enhancement

Priority: major

Status: resolved

Component: Grant Management

Milestone: –

Votes: 0

Watchers: 3