Re: UAA, autoapprove, and cf client
Having auto approve true on a client means the token will be granted without the user having to approve the scopes that the client is requesting. It is used for clients that have a grant type of "implicit" or "authorization_code". The grant type decides whether you have a response_type=token or a response_type=code (implicit being the grant type that can be used to get the token directly) in the request to /oauth/authorize.
The cf client is a client of type "password grant" which does not require approval of scopes by the user.
https://github.com/cloudfoundry/uaa-release/blob/develop/jobs/uaa/spec#L229 This property is being deprecated because auto-approve can be specified under the uaa.clients section on a per client basis.Madhura
On Jan 21, 2016, at 1:07 PM, Matt Cholick <cholick(a)gmail.com> wrote: