Scope parameter not supported for OAuth client credentials #207
Description
Checklist
- I agree to the terms within the OpenFGA Code of Conduct.
Describe the problem you'd like to have solved
Currently there is no scope parameter when the . Many OAuth authorization servers require the scope parameter to be passed in and other openfga sdks support passing in OAuth scope.
Describe the ideal solution
current client credentials configuration
configuration = ClientConfiguration(
api_url=FGA_API_URL, # required
store_id=FGA_STORE_ID, # optional, not needed when calling `CreateStore` or `ListStores`
authorization_model_id=FGA_MODEL_ID, # Optional, can be overridden per request
credentials=Credentials(
method='client_credentials',
configuration=CredentialConfiguration(
api_issuer=FGA_API_TOKEN_ISSUER,
api_audience=FGA_API_AUDIENCE,
client_id=FGA_CLIENT_ID,
client_secret=FGA_CLIENT_SECRET,
)
)
)
desired client credentials configuration with scope
configuration = ClientConfiguration(
api_url=FGA_API_URL, # required
store_id=FGA_STORE_ID, # optional, not needed when calling `CreateStore` or `ListStores`
authorization_model_id=FGA_MODEL_ID, # Optional, can be overridden per request
credentials=Credentials(
method='client_credentials',
configuration=CredentialConfiguration(
api_issuer=FGA_API_TOKEN_ISSUER,
api_audience=FGA_API_AUDIENCE,
client_id=FGA_CLIENT_ID,
client_secret=FGA_CLIENT_SECRET,
scopes=SCOPES
)
)
)
Alternatives and current workarounds
No response
References
No response
Additional context
No response