Scopes Resource

In OAuth2 terms, scopes are a set of permissions which require user consent.

You've probably seen logins like Google that warn you about the data the third-party application is requesting and give you the option to accept or refuse the request.

Consider the following specs in designing your scopes endpoint:

URLanything
MethodPOST
HeadersContent-Type, Signature
FormatJSON
AttributeTypeRequiredDefault
langstringYesen
CodeDescription
200Success
400Signature/Input validation Failed

The response should be a json array containing a list of scopes with the following structure:

[
    {
        "id": "*",
        "title": "Read and Write all data.",
        "icon": "fa-user-shield",
        "description": null,
        "url": null
    },
    {
        "id": "profile",
        "title": "Access to information like name, birthday and gender.",
        "icon": "fa-user-shield",
        "description": null,
        "url": null
    },
    ...
]

💡️ Tip

For a deeper understanding of the structure and optional properties, refer to the schema.

ssofy Knowledge Base
At our core, we believe that staying up-to-date with the latest trends and advancements in Authentication and related areas is essential. That's why we take great pride in keeping you informed with the latest insights, updates, and news in this rapidly evolving landscape.


Do you need support?
SSOfy is by Cubelet Ltd.
Copyright © 2024 Cubelet Ltd. All rights reserved.