fix: use a custom self issued scope for user JWT
What does this merge request do and why?
To ensure we limit the access of user JWTs, we issue it a custom scope, that is only available to self issued User JWTs. We have to make sure that the v3/completions
endpoint accepts both scopes.
How to set up and validate locally
Run specs
OR
Call the User JWT endpoint, and then use the user token to call the v3/completions endpoint
Merge request checklist
-
Tests added for new functionality. If not, please raise an issue to follow up. -
Documentation added/updated, if needed.
Closes #489 (closed)
Edited by Shinya Maeda