Skip to main content


Scopes are OAuth standard-defined mechanisms that allow an application to request limited, granular access to users' data. A client application can request one or more allowed scopes. The scope information is then added to the claim scope of the access token issued to the client application. In Identity Cloud, consent to requested scopes is always implicitly given, as there is no user-consent page.

Identity Cloud supports the following types of scopes: