Scopes
Scopes are OAuth standard-defined mechanisms that allow an application to request limited, granular access to users' data. A client application can request one or more allowed scopes. The scope information is then added to the claim scope
of the access token issued to the client application. In Identity Cloud, consent to requested scopes is always implicitly given, as there is no user-consent page.
Identity Cloud supports the following types of scopes:
Predefined scopes that include
offline_access
andopenid
.Custom scopes that can be used by your applications and need access to particular sets of user data.
You can manage customer scopes with the following options: