🚀 Feature: Implicit Authorization #6

New Issue

Closed

opened 2025-10-09 16:21:37 +03:00 by OVERLORD · 1 comment

OVERLORD commented 2025-10-09 16:21:37 +03:00

Owner

Copy Link

Originally created by @UbiquitousBear on GitHub.

Feature description

Allow OIDC clients to support implicit authorisation flows, which bypass the need for the authenticated user to explicitly approve information required by an OIDC client.

Pitch

In my use-case, very few applications require a user to explicitly approve what information is provided (name, email, groups etc); this is due to the applications being internally built or internally facing and 'trusted'.

Originally created by @UbiquitousBear on GitHub. ### Feature description Allow OIDC clients to support implicit authorisation flows, which bypass the need for the authenticated user to explicitly approve information required by an OIDC client. ### Pitch In my use-case, very few applications require a user to explicitly approve what information is provided (name, email, groups etc); this is due to the applications being internally built or internally facing and 'trusted'.

OVERLORD closed this issue 2025-10-09 16:21:38 +03:00

OVERLORD commented 2025-10-09 16:21:40 +03:00

Author

Owner

Copy Link

@stonith404 commented on GitHub:

Thanks for your request. The implicit authorization flow is no longer recommended because it is not considered secure. Because of that we don't plan to implement this flow but encourage the clients to migrate to the authorization code flow.

@stonith404 commented on GitHub: Thanks for your request. The implicit authorization flow is no [longer recommended](https://oauth.net/2/grant-types/implicit/) because it is not considered secure. Because of that we don't plan to implement this flow but encourage the clients to migrate to the authorization code flow.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

fix/restrict-email-one-time-access

oidc-scopes

breaking/v2

i18n_crowdin

v2/use-item-component

default-env-db-keys

slog-gorm

v1.16.0

v1.15.0

v1.14.2

v1.14.1

v1.14.0

v1.13.1

v1.13.0

v1.12.0

v1.11.2

v1.11.1

v1.11.0

v1.10.0

v1.9.1

v1.9.0

v1.8.1

v1.8.0

v1.7.0

v1.6.4

v1.6.3

v1.6.2

v1.6.1

v1.6.0

v1.5.0

v1.4.1

v1.4.0

v1.3.1

v1.3.0

v1.2.0

v1.1.0

v1.0.0

v0.53.0

v0.52.0

v0.51.1

v0.51.0

v0.50.0

v0.49.0

v0.48.0

v0.47.0

v0.46.0

v0.45.0

v0.44.0

v0.43.1

v0.43.0

v0.42.1

v0.42.0

v0.41.0

v0.40.1

v0.40.0

v0.39.0

v0.38.0

v0.37.0

v0.36.0

v0.35.6

v0.35.5

v0.35.4

v0.35.3

v0.35.2

v0.35.1

v0.35.0

v0.34.0

v0.33.0

v0.32.0

v0.31.0

v0.30.0

v0.29.0

v0.28.1

v0.28.0

v0.27.2

v0.27.1

v0.27.0

v0.26.0

v0.25.1

v0.25.0

v0.24.1

v0.24.0

v0.23.0

v0.22.0

v0.21.0

v0.20.1

v0.20.0

v0.19.0

v0.18.0

v0.17.0

v0.16.0

v0.15.0

v0.14.0

v0.13.1

v0.13.0

v0.12.0

v0.11.0

v0.10.0

v0.9.0

v0.8.1

v0.8.0

v0.7.1

v0.7.0

v0.6.0

v0.5.3

v0.5.2

v0.5.1

v0.5.0

v0.4.1

v0.4.0

v0.3.1

v0.3.0

v0.2.1

v0.2.0

v0.1.3

v0.1.2

v0.1.1

v0.1.0

Labels

Clear labels

breaking

bug

documentation

feature

needs more upvotes

open to pull requests

pull-request

Mirrored from GitHub Pull Request

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/pocket-id-pocket-id-2#6