<img src="/img/tutorial/security/image10.png">

/// note | 備考

ヘッダーの`Authorization`には、`Bearer`で始まる値があります。

///

## `scopes` を使った高度なユースケース

OAuth2には、「スコープ」という概念があります。

これらを利用して、JWTトークンに特定の権限セットを追加することができます。

そして、このトークンをユーザーに直接、または第三者に与えて、制限付きでAPIを操作できます。

これらの使用方法や**FastAPI**への統合方法については、**高度なユーザーガイド**で後ほど説明します。

                    .authority(authority)
                    .build();

            final AuthorizationCodeParameters parameters = AuthorizationCodeParameters.builder(authCode, new URI(currentUri))
                    .scopes(Collections.singleton("https://graph.microsoft.com/.default"))
                    .build();

            final IAuthenticationResult result = app.acquireToken(parameters).get(acquisitionTimeout, TimeUnit.MILLISECONDS);

			fmt.Sprintf("config_url=%s/.well-known/openid-configuration", testApp.ProviderURL),
			fmt.Sprintf("client_id=%s", testApp.ClientID),
			fmt.Sprintf("client_secret=%s", testApp.ClientSecret),
			"scopes=openid,groups",
			fmt.Sprintf("redirect_uri=%s", testApp.RedirectURL),
		}
		if rolePolicies[i] != "" {
			configCmds = append(configCmds, fmt.Sprintf("role_policy=%s", rolePolicies[i]))
		} else {

pkg go/types, method (*Scope) Child(int) *Scope
pkg go/types, method (*Scope) Contains(token.Pos) bool
pkg go/types, method (*Scope) End() token.Pos
pkg go/types, method (*Scope) Innermost(token.Pos) *Scope
pkg go/types, method (*Scope) Insert(Object) Object
pkg go/types, method (*Scope) Len() int
pkg go/types, method (*Scope) Lookup(string) Object
pkg go/types, method (*Scope) LookupParent(string, token.Pos) (*Scope, Object)

    making RNNCells act more like Keras layers.
    *   If an RNNCell is used twice in two different variable scopes, an error
        is raised describing how to avoid this behavior.
    *   If an RNNCell is used in a variable scope with existing conflicting
        variables, an error is raised showing that the RNNCell must be
        constructed with argument `reuse=True`.

    * Role bindings since the default scopes now include the "userinfo.email"
    * scope. This is a breaking change if the numeric uniqueIDs of the Google
    * service accounts were being used in RBAC role bindings. The behavior
    * can be overridden by explicitly specifying the scope values as
    * comma-separated string in the "users[*].config.scopes" field in the
    * KUBECONFIG file.

# Additional Status Codes { #additional-status-codes }

By default, **FastAPI** will return the responses using a `JSONResponse`, putting the content you return from your *path operation* inside of that `JSONResponse`.

It will use the default status code or the one you set in your *path operation*.

## Additional status codes { #additional-status-codes_1 }

# Codes HTTP supplémentaires

Par défaut, **FastAPI** renverra les réponses à l'aide d'une structure de données `JSONResponse`, en plaçant la réponse de votre  *chemin d'accès* à l'intérieur de cette `JSONResponse`.

Il utilisera le code HTTP par défaut ou celui que vous avez défini dans votre *chemin d'accès*.

## Codes HTTP supplémentaires

ecret","value":""},{"key":"claim_name","value":"policy"},{"key":"claim_userinfo","value":""},{"key":"role_policy","value":""},{"key":"claim_prefix","value":""},{"key":"redirect_uri","value":""},{"key":"redirect_uri_dynamic","value":"off"},{"key":"scopes","value":""},{"key":"vendor","value":""},{"key":"keycloak_realm","value":""},{"key":"keycloak_admin_url","value":""}]},"identity_plugin":{"_":[{"key":"url","value":""},{"key":"auth_token","value":""},{"key":"role_policy","value":""},{"key":"role_...

/// note

Some response codes (see the next section) indicate that the response does not have a body.

FastAPI knows this, and will produce OpenAPI docs that state there is no response body.

///

## About HTTP status codes { #about-http-status-codes }

/// note

If you already know what HTTP status codes are, skip to the next section.

///