OAuth applications are standalone resources
2 open questions related to OAuth applications:
Scoping
We have instance-level, user-level, and group-level OAuth applications. We need to reconsider the scoping of instance-level and user-level apps.
Audience
OAuth applications can be used by any user with a GitLab account to authenticate. On one hand with Cells, we want to avoid cluster-wide features. On the other hand, how do we want to support features like the VS Code extension which uses an instance-level OAuth application?
Edited by Imre Farkas