If I have a developer app which has access to the products:
- P1
- Allowed OAuth Scopes: A, B, C
- P2
- Allowed OAuth Scopes: A, B
The resulting token has:
"scope": "A B A B C"
Does that make sense? Shouldn't the values be unique (i.e., "A B C")?
(Validation still works as expected, it's just that the tokens look "funny")
This is on OPDK 4.16.09.02
LinkedIn
Twitter
