Ping Identity Data Governance Broker

Data Governance Broker Documentation Index
Configuration Reference Home

OAuth2 Scope

Note: this component stores cluster-wide configuration data and is mirrored across all servers in the topology within the the same cluster.

Note: changes to cluster-wide configuration objects are immediately and automatically mirrored across all servers within the same cluster, so offline changes are not supported.

OAuth2 Scopes indicate what data is being requested with an OAuth 2.0 authorization request. Typically, one or more OAuth2 Scopes are submitted with each request. This type of scope may be authorized by the Data Governance Broker in its role as an OAuth2 Authorization Server.

↓Direct Subcomponents
↓Relations to This Component
↓Properties
↓dsconfig Usage

Direct Subcomponents

The following OAuth2 Scopes are available in the server :

These OAuth2 Scopes inherit from the properties described below.

Relations to This Component

The following components have a direct aggregation relation to OAuth2 Scopes:

Permitted Scope

Properties

The properties supported by this managed object are as follows:

Basic Properties:	Advanced Properties:
↓ token-name	None
↓ description
↓ tag
↓ consent-prompt-text

Basic Properties

token-name (Read-Only)

Description	An OAuth 2.0 access token scope compliant with RFC 6749. The following characters are not permitted: space, '"', '\', '+' and ','.
Default Value	None
Allowed Values	An OAuth 2.0 access token scope compliant with RFC 6749. The following characters are not permitted: space, '"', '\', '+' and ','.
Multi-Valued	No
Required	Yes
Admin Action Required	None. Modification requires no further action

description

Description	A description for this OAuth2 Scope
Default Value	None
Allowed Values	A string
Multi-Valued	No
Required	No
Admin Action Required	None. Modification requires no further action

tag

Description	Tags associated with this OAuth2 Scope. Tags are arbitrary additional properties that may be examined by XACML policies.
Default Value	None
Allowed Values	A string
Multi-Valued	Yes
Required	No
Admin Action Required	None. Modification requires no further action

consent-prompt-text

Description	This property is shown to the user when prompting for consent. It should convey a user-friendly description of what access is being requested via this scope.
Default Value	None
Allowed Values	A string
Multi-Valued	No
Required	Yes
Admin Action Required	None. Modification requires no further action

dsconfig Usage

To list the configured OAuth2 Scopes:

dsconfig list-oauth2-scopes
     [--property {propertyName}] ...

To view the configuration for an existing OAuth2 Scope:

dsconfig get-oauth2-scope-prop
     --scope-name {name}
     [--tab-delimited]
     [--script-friendly]
     [--property {propertyName}] ...

To update the configuration for an existing OAuth2 Scope:

dsconfig set-oauth2-scope-prop
     --scope-name {name}
     (--set|--add|--remove) {propertyName}:{propertyValue}
     [(--set|--add|--remove) {propertyName}:{propertyValue}] ...

To create a new OAuth2 Scope:

dsconfig create-oauth2-scope
     --scope-name {name}
     --set consent-prompt-text:{propertyValue}
     [--set {propertyName}:{propertyValue}] ...

To delete an existing OAuth2 Scope:

dsconfig delete-oauth2-scope
     --scope-name {name}