Skip/bypass grant flow in consent app


#1

The Oauth2 Authentication now request 2 phase: Login & Grant (Consent). My boss ask is possible to skip/bypass grant flow (consent) and assigns default/full grants for the user?

Does Oauth2 support this features and possible?


#2

For first-party clients, you could choose to just accept all scopes during the consent step, without showing the UI.


#3

Ok, right now I’m struggling with the same thing. I have a GoLang app that checks if user provided correct credentials and stuff, and then the same app provides the consent screen. I would like to accept all scopes, but how do I do that? Am I supposed to send a POST request to hydra or what? Also, I still want to allow Third Party Apps to use my server with consent screen.


#4

You can build the logic in any way you want. Up to you - and yes you will send a POST request with the neccessary information to hydra.