/services/idg/services-support/web/sign-on/development/forum/?topic=094d43a23c7170c7013c7c3f375b4353 The latest posts to IDG » Web Sign On » OAuth Authenticate en-GB (C) 2026 University of ÌÇÐÄTV Wed, 02 Jul 2025 10:06:42 GMT http://blogs.law.harvard.edu/tech/rss SiteBuilder2, University of ÌÇÐÄTV, http://go.warwick.ac.uk/sitebuilder /services/idg/services-support/web/sign-on/development/forum/?post=094d43a23c716fc2013c80b47c705281 <p>Hi Thomas,</p> <p>That's the expected behaviour for the authenticate endpoint. Using this scope modifies the authorisation flow to look more like a regular login. You can also use a scope value of "authenticate" rather than the full websignon scope ID, though the behaviour will be the same.</p> Mon, 28 Jan 2013 10:29:37 GMT Nick Howes 094d43a23c716fc2013c80b47c705281 /services/idg/services-support/web/sign-on/development/forum/?post=094d43a23c7170c7013c7c3f375c4354 <p>Hey,</p> <p>When using the authenticate url for OAuth login, I noticed that you can&nbsp;<strong>only</strong> have the scope&nbsp; <code><a rel="nofollow">urn:websignon.warwick.ac.uk:sso:service</a></code>. Having any other scopes results in the user being forced to re-allow the client in question, even if the user has all ready allowed the client in the past with the same set of scopes.</p> <p>Is this intentional, or am I doing something wrong??</p> <p>&nbsp;</p> <p>Thomas</p> Sun, 27 Jan 2013 13:43:03 GMT Thomas Purchas 094d43a23c7170c7013c7c3f375c4354