Configure OAuth 2.0 scopes
On the OAuth scopes page, you can define scopes and assign them to resources and methods in your registered API. Scopes specify the extent to which client apps can use protected resources. You can assign a scope to an entire resource and all its associated methods, and to each method individually. You must assign at least one scope to implement OAuth 2.0 in your system.
Access the OAuth scopes configuration page
- On the API Definitions page, in the Registered APIs section, click the ellipsis icon associated with the API configuration you want to configure scopes for.
- From the menu, select Manage versions.
- In the Version history panel, click the ellipsis icon associated with the API configuration version you want to configure scopes for.
- From the list of delivery options, select OAuth scopes.
- On the OAuth scopes page, set the Enable OAuth scopes switch to Yes.
Define OAuth scopes
- Expand the Scope definitions section.
- In the Scope definitions section, click Create new scope.
- In the Create new scope window, in the Scope field, enter the name of the scope.
- In the Description field, enter a meaningful description of the scope.
The description of a scope appears on the second consent page when resource owners grant client apps access to their data. Providing a meaningful description is important, because it ensures that a resource owner fully understands the extent to which a client app will be able to access their resources. For example, if you name a scope http://bookstore.api.com/users/id.read, you may add the following description to clarify the scope: “Allow the client app to view your user ID”.
- Click Save.
Assign OAuth scopes to resources and methods
- Expand the Scope assignments section.
- In the Scope column, for each resource and method that you want to make available to client apps, select at least one defined scope.
A scope associated with a resource automatically applies to all methods within that resource. You can apply the same scope to more than one resource or method.
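The following audit script is an added example, not part of the product or its documentation. It applies the inheritance rule above to a constructed scope configuration and flags methods left without any scope, assigned scopes that were never defined, and scopes with an empty consent description. The data layout, the /books and /orders resources, and their scope names are assumptions; only http://bookstore.api.com/users/id.read comes from this page.

```python
# Hypothetical in-memory model of the two sections on the OAuth scopes page.
# This is NOT an export format of the product; all sample data is constructed.
SCOPE_DEFINITIONS = {  # scope name -> description shown on the consent page
    "http://bookstore.api.com/users/id.read": "Allow the client app to view your user ID",
    "http://bookstore.api.com/books.write": "",  # constructed: description left empty
}

ASSIGNMENTS = {  # resource -> resource-level scopes plus per-method scopes
    "/users/{id}": {"scopes": ["http://bookstore.api.com/users/id.read"],
                    "methods": {"GET": [], "DELETE": []}},
    "/books": {"scopes": [],
               "methods": {"GET": [], "POST": ["http://bookstore.api.com/books.write"]}},
    "/orders": {"scopes": [],  # constructed: scope below was never defined
                "methods": {"GET": ["http://bookstore.api.com/orders.read"]}},
}


def effective_scopes(assignments):
    """Map (resource, method) to its scopes; a resource scope applies to every method."""
    result = {}
    for resource, cfg in assignments.items():
        inherited = set(cfg.get("scopes", []))
        for method, own in cfg.get("methods", {}).items():
            result[(resource, method)] = inherited | set(own)
    return result


def audit(definitions, assignments):
    """Return (finding, subject) tuples for gaps worth reviewing before release."""
    findings = []
    effective = effective_scopes(assignments)
    for (resource, method), scopes in sorted(effective.items()):
        if not scopes:  # nothing assigned directly and nothing inherited
            findings.append(("no-scope", f"{method} {resource}"))
        for scope in sorted(scopes - set(definitions)):
            findings.append(("undefined-scope", scope))
    for name, description in sorted(definitions.items()):
        if not description.strip():  # resource owners would see a blank consent text
            findings.append(("empty-description", name))
    if not any(effective.values()):  # the page requires at least one assigned scope
        findings.append(("no-scope-assigned", "API"))
    return findings


if __name__ == "__main__":
    for finding, subject in audit(SCOPE_DEFINITIONS, ASSIGNMENTS):
        print(f"{finding}: {subject}")
```

Note that DELETE /users/{id} inherits the read scope from its resource, so a scope named for read access also covers a destructive method unless the scope is assigned per method instead.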