Page MenuHomePhabricator
Create Task
Maniphest T355909

Cannot self-update most fields of an OAuth consumer, nor self-disable/delete it
Closed, DuplicatePublic
Actions

Description

It is currently very easy to create an Oauth consumer/client, but surprisingly difficult to self-manage it.

https://www.mediawiki.org/wiki/OAuth/For_Developers#Registration states "If you have changed your mind, you can disable the application under Special:OAuthConsumerRegistration/list".

It is not true, at least on https://meta.wikimedia.org. We cannot disable nor delete the consumers/clients we have created, and we cannot neither update most of the fields such as name, version or callback urls.

This makes it quite difficult to correct a mistake properly (i.e without resolving to create a new entry instead of fixing a bad one) as the only way to do that is to ask an OAuth administrator to fix our mistakes. We should be able to fix our mistakes by ourselves without having to disturb an administrator who have probably more important work to do.

Related Objects

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits