I wish to auto-autorize some trusted apps for our rails API with doorkeeper
# Skip Authorization for trusted clients
skip_authorization do |resource_owner, client|
client.superapp? || resource_owner.admin?
Superapp is a concept that is supposed to be custom implemented.
The easiest way you could auto authorize a trusted app is if you use the trusted client's application id like below:
# config/initializers/doorkeeper.rb skip_authorization do |resource_owner, client| client.uid == "client application id goes here" end
Perhaps you could also use scopes and make the client's scopes field to be 'trusted' (As far as I know by directly going to the Database).
But, I believe, scopes are not supposed to be used this way. They usually notify the resource_owner what type of client it is so that he/she can choose to authorize or not.
I hope this helps! It would be nice if anyone has a better way of implementing this though.