Once a user has authenticated with a wide scope there is no way to authenticate with a reduced scope as you will just get the widest one returned. Is this intended? Is there a way to get around it?
I don’t want my users to have to go into their settings, find my app, and then revoke it every time they want to modify their access level.
This is intended. Whenever you request scopes, it’s additive to scopes already requested.
What’s the case for when a user wants to have fine grained control over their scopes? Why would one of your users want to revoke specific scopes?
@mpoon It’s for letting users pick and choose what features they want, enabling and disabling them at any time, by granting or revoking access to certain scopes.
I managed to work around it for now though, since all the calls will be through my backend.
@moocat We could add in the ability to remove scopes, but it doesn’t seem like there’s much value in telling the user the removal of specific scopes when they’ve already agreed to granting your app those scopes in the past.
We could be convinced that it does provide value though.
@mpoon Nah, that’s fine. It works on my app now, so if anyone else needs to revoke specific scopes in the future then they can pick up this discussion again. I imagine it’s a pretty unusual case.