refactor: remove additionalScopes from OIDC config push

Server now hardcodes Logto org scopes in the auth flow, so the provisioner no longer needs to push them via OIDC config. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-10 15:37:53 +02:00
parent 2cda065c06
commit 4341656a5e
1 changed files with 1 additions and 5 deletions
--- a/src/main/java/net/siegeln/cameleer/saas/vendor/VendorTenantService.java
+++ b/src/main/java/net/siegeln/cameleer/saas/vendor/VendorTenantService.java
@@ -142,11 +142,7 @@ public class VendorTenantService {
                            "defaultRoles", List.of("VIEWER"),
                            "displayNameClaim", "name",
                            "rolesClaim", "roles",
-                            "audience", "https://api.cameleer.local",
-                            "additionalScopes", List.of(
-                                "urn:logto:scope:organizations",
-                                "urn:logto:scope:organization_roles"
-                            )
+                            "audience", "https://api.cameleer.local"
                        ));
                        log.info("Pushed OIDC config to server for tenant {}", tenant.getSlug());
                    } catch (Exception e) {