Class AccessTokenClaimKeys.CommonClaims

java.lang.Object
com.broadleafcommerce.auth.resource.domain.AccessTokenClaimKeys.CommonClaims
Enclosing class:
AccessTokenClaimKeys

public static final class AccessTokenClaimKeys.CommonClaims extends Object
General cross-cutting claims.
  • Field Details

    • AUTHORITIES

      public static final String AUTHORITIES
      This is a non-standard claim used by Broadleaf to present/validate specific privileges accessible by a user/client. While "scope" contains the pure OAuth2 scopes which have been granted, "authorities" goes beyond and describes which Broadleaf permissions for those scopes are truly accessible. For example, "scope" may contain "PRODUCT", while "authorities" may contain "READ_PRODUCT", "UPDATE_PRODUCT", or "ALL_PRODUCT" etc.
      See Also: