mod_http_oauth2: Allow requesting a subset of scopes on token refresh This enables clients to request access tokens with fewer permissions than the grant they were given, reducing impact of token leak. Clients could e.g. request access tokens with some privileges and immediately revoke them after use, or other strategies.

---
labels:
- 'Stage-Beta'
summary: 'XEP-0377: Spam Reporting'
---

This module is a very basic implementation of [XEP-0377: Spam Reporting].

When someone reports spam or abuse, a line about this is logged and an
event is fired so that other modules can act on the report.