How To: Working With Scopes

Summary

Your applications may need to consume data from external or internal APIs.
Those APIs may control and restrict their access to allowed scopes.
Like in Oauth 2.0, the access control is done by exchanging access tokens representing scopes.

The identity Hub allows you to define scopes (with an appropriate token life time) and to set how applications will make use of these scopes.
In this topic you will learn the necessary steps to create scopes and assign scopes to applications.

Step 1 - Create a Scope

In this step you will create a Scope.

  • Navigate to the Scopes Admin Page and click on Add.

  • Provide the following information
    • Name: The name of the scope.

    • Description: A description of the scope

    • Token life time: The life time of the associated token

  • Click Save. You will navigate to the list of scopes, now showing the just created scope.


Step 2 - Assign a Scope to an Application

In this step we will assign one or more scopes to an application.

For more information about Apps see How To: What is an App?.

Applications might not be interested in all the available scopes. To limit the scopes that are requested by an application, only assign scopes the application needs.

  • Navigate to the Apps Admin Page.

  • Click any of the apps to go to the App's detail page.

  • In the left navigation click the Scopes tab.

  • A list of available scopes is displayed.

  • Check the scopes you want to assign to the App (you may choose if the App will request a scope by default or optionally) and click Save.

  • The scopes are now assigned to the App.