Working with Laravel Passport scopes: typical workflow

239 views Asked by At

Perhaps such an obvious question, but requesting an access token with Password Grant Type and 'scope' => '*', using Laravel 5.3 + Passport always returns the all-access token, no matter the user who requested it.

So... Where does the filtering / limiting validation logic usually reside? Can you please specify the common workflow in this situations?

0

There are 0 answers