when using a service that doesn't support oauth scopes, such as https://cleanfollow-bsky.pages.dev/, a error is produced with the code "Uncaught (in promise) Error: InsufficientScope". despite a unauthenticated account being able to see the same data.
Our Personal Data Server from scratch!
tranquil.farm
pds
rust
database
fun
oauth
atproto
no oauth scopes leads to errors on oauth #49
open
opened by
isabelroses.com
@nel.pet what do you think of this? on the one hand yes we could easily not care about list endpoints and have them succeed if auth isn't technically needed for them, but on the other hand the whole point of scopes is to even request read access