What is the #1 concept you wish you understood better in auth?

Hello @huyennbl! You’ve cited several very specific questions in your response, so I can address a few of them inline here, as some of the answers are already available. For one question, I created a separate topic.

What’s the relationship between an Application and API

The relationship between Application and API is summarized in the first sentences of the Overviews of the linked docs on Applications and APIs.

What’s the difference between scope and permissions

This reply should help to clarify this: Can Users be tied to a Scope? - #2 by kim.maida

What’s the point of creating a SPA app in this page? […]

This question is best answered in a separate topic. I’ve created a new topic here: SPA API architecture scenarios clarification. Please subscribe to / follow that topic.

I think there should be a better document for troubleshooting, with symptom, and solution. In my case, I installed Authorization extension, and cannot get user’s ‘roles’, and ‘permissions’, while ‘groups’ work fine. I cannot find any docs that could solve my problem, also not understanding the root cause.

(See next answer on RBAC)

What would happen if the name of permission in Authorization extension doesn’t match the scope name in API?

This question is somewhat related to your first question about the difference between scopes and permissions. Please check out the response to the first question for more information on this. In addition, we are currently in the process of rolling out our new Role-Based Access Control (RBAC) feature to all customers (watch for a Dashboard notification). This feature will hopefully help to clarify and ease some of the confusion you may have experienced around using the Authorization extension in the past. You can check out the RBAC docs here.
