Wouldn't this largely negate the whole point of having restrictions in the token? That is, if we populate the `username` and you got access to your home directory -- despite having a scopes that do not allow access to the home directory -- it would be a very surprising outcome! -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/xrootd/xrootd/issues/1569#issuecomment-989901860 ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-DEV list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1