Predefined Scopes
The following predefined scopes are available in azuma doa. These scopes determine the returned claims granted to applications and users.
Important: Custom scopes can be defined at the application level for both Authorization Code and Client Credentials Flows, allowing for tailored access control.
Device Binding
| Scope | Description |
|---|
offline_access | See - oAuth2 specification. |
permissions_app | Adds permissions of your application to access token as permissions_app. See tokens for more details. |
licenses | Adds licenses to access token. |
Authorization Code
| Scope | Description |
|---|
offline_access | See - oAuth2 specification. |
openid | Enables OpenID Connect functionality, allowing retrieval of user identity information. |
profile | Provides access to basic profile information such as name and preferred username. |
email | Grants access to the user's email address. |
tenant_ids | Adds tenant information to access token and id token. |
permissions_app | Adds permissions of your application to access token and id token as permissions_app. See tokens for more details. |
licenses | Adds licenses to access token and id token. |
Client Credentials
| Scope | Description |
|---|
tenant_id_admin | Allows to access the API for tenant relevant operations via client. Example for scope with tenant ID '192f01b3-eee4-4eeb-9854-11303eaa4890': 192f01b3-eee4-4eeb-9854-11303eaa4890_admin |