ASVS Requirement 10.4.11

• Level: 2
• Chapter: V10 OAuth and OIDC
• Section: V10.4 OAuth Authorization Server
• Source: 0x19-V10-OAuth-and-OIDC.md

Description

Verify that the authorization server configuration only assigns the required scopes to the OAuth client.