Scopes

Scopes are OAuth standard-defined mechanisms that allow an application to request limited, granular access to users' data. A client application can request one or more allowed scopes. The scope information is then added to the claim scope of the access token issued to the client application. In Identity Cloud, consent to requested scopes is always implicitly given, as there is no user-consent page.

Identity Cloud supports the following types of scopes:

• Predefined scopes that include offline_access and openid.

• Custom scopes that can be used by your applications and need access to particular sets of user data.

  You can manage customer scopes with the following options:

  • Create custom scopes
  • View custom scopes
  • Edit custom scopes
  • Delete custom scopes