@Nikerabbit Would it be okay to grant the mwoauthproposeconsumer and the mwoauthupdateownconsumer rights to the bot user group for now? I can take care of the patch if it'd be approved.

Looks like WMF config has given it to the user group: https://gerrit.wikimedia.org/g/operations/mediawiki-config/+/4b29eca50dc9365f7e43a6ab8f782784ae1017c0/wmf-config/CommonSettings.php#3713

We could give it to the translator group. Can you also briefly explain what would be the use cases for this?

In T330500#9251910, @Nikerabbit wrote:

Can you also briefly explain what would be the use cases for this?

I am the operator of https://translatewiki.net/wiki/User:ArchiveBot which authenticates to translatewiki.net through OAuth using a owner-only consumer with limited grants. In order to configure the bot's OAuth owner-only consumer, it had to get sysop rights temporarily, since no other user group has those privileges. If at a later date I need to change the consumer, upgrade it to OAuth v2, etc., I won't be able to do it myself and will need to ask my bot to be granted sysop permissions again.

I do not think OAuth is used much in translatewiki.net, so maybe we do not need to mirror what WMF did here and grant these privs to the user group.

Adding it to the translator group would not work IMHO, since e.g. my bot is not in that group (nor really needs to be).

The bot group feels a better choice for now, as I expect that's where you can find the most use case for OAuth for now.

On the other hand, and since OAuth consumers "not for self-consumption" need to be approved before anyone can use them, user doesn't look so risky.

Change 966258 had a related patch set uploaded (by MarcoAurelio; author: MarcoAurelio):

[translatewiki@master] Allow users to propose OAuth consumer

https://gerrit.wikimedia.org/r/966258

Change 966258 merged by jenkins-bot:

[translatewiki@master] Allow users to propose OAuth consumer

https://gerrit.wikimedia.org/r/966258

Thank you.

Thanks yourself!