Folder level control for "OAuth for External Apps" in on-premise Orchestrator


Thank you for adding OAuth support in the 2021.4 version of the Orchestrator!
Is there any chance this could cover folder level permissions as well?

At the moment, creating a new set of OAuth credentials allows for Tenant level permissions only, which is too broad and, thus, not really compliant with the “principle of least privilege”.


Hi @Filip_C

Thanks for your suggestion. I’ve added it to our ideas tracker for our team to consider.

I suppose a workaround would be to use the non-confidential application that should work with the specific user’s permissions (and thus be limited to the things that the user can access).

Feel free to correct me if I got this wrong, but I understood it as having the confidential application be able to limit the scope to specific folders?