Add OAuth Scopes to applications

OAuth scopes limit the amount of access that users have to an application. In EmpowerID, managing OAuth scopes requires three key components: Web Services, which are REST APIs created in Workflow Studio and then published as protected app resources; an OAuth application configured for OAuth SSO; and an OAuth Provider application, responsible for issuing the ClientID, Client Secret, and API Key.

Scopes in EmpowerID are added to the OAuth application. This setup allows administrators to define custom OAuth scopes and assign relevant web services to these scopes. When an access token is requested with specified scopes, it grants access to all the web services associated with those requested scopes.

Procedure

1. Go to Apps and Authentication > Applications.
   You can also search for applications using the global search.

2. Locate the target OAuth application and click the Display Name link for it.
   
   

   Open

   

    

3. On the Application Details page, select the SSO tab and expand the Scopes (OAuth) accordion.
   
   

   Open

   

    

4. Click the Add button on the grid header.

5. Enter a name and description for the scope, and then click Save.
   
   

    

6. Repeat steps 4 and 5 to add more scopes as needed.