Support OAuth permission-set Lexicon type and granular scopes #29
Labels
No labels
breaking-change
bug
documentation
duplicate
enhancement
good first issue
help wanted
performance
question
wontfix
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
Grandiras/ATProto.NET#29
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Summary
The AT Protocol is introducing an OAuth permission/scopes system using
permission-setLexicon definitions. ATProto.NET should support these granular permissions for proper OAuth authorization.Spec Reference
The Permissions specification defines:
Permission types
repo- Access to repository record collections (create/read/update/delete)rpc- Access to specific XRPC endpointsblob- Blob upload permissions (with MIME type constraints)account- Account management (email, password)identity- Identity management (handle changes)include- Include another permission setPermission Set Lexicon type
What's needed
include:app.bsky.authFullApprepo:app.bsky.feed.post?action=createrpc:app.bsky.video.uploadVideoblob?accept=image/*AtProtoScopesbuilder - Extend the existing scope builder to support permission-set referencesContext
Permission sets are being actively rolled out (see proposal). Initial sets cover
app.bsky.*,chat.bsky.*, andtools.ozone.*namespaces.