Authorization Server Scopes

Provides operations to manage custom token scopes for the given authServerId and scopeId.

List all Custom Token Scopes
OAuth 2.0: okta.authorizationServers.read

Lists all custom token scopes

Request
path Parameters
authServerId
required
string

id of the Authorization Server

Example: GeGRTEr7f3yu2n7grw22
query Parameters
q
string
filter
string
cursor
string
limit
integer <int32>
Default: -1
Responses
200

Success

403

Forbidden

404

Not Found

429

Too Many Requests

get/api/v1/authorizationServers/{authServerId}/scopes
Request samples
Response samples
application/json
[
  • {
    • "consent": "ADMIN",
    • "default": true,
    • "description": "string",
    • "displayName": "string",
    • "id": "string",
    • "metadataPublish": "ALL_CLIENTS",
    • "name": "string",
    • "optional": true,
    • "system": true
    }
]

Create a Custom Token Scope
OAuth 2.0: okta.authorizationServers.manage

Creates a custom token scope

Request
path Parameters
authServerId
required
string

id of the Authorization Server

Example: GeGRTEr7f3yu2n7grw22
Request Body schema: application/json
required
consent
string (OAuth2ScopeConsentType)
Default: "IMPLICIT"

Indicates whether a consent dialog is needed for the Scope

Enum: "ADMIN" "FLEXIBLE" "IMPLICIT" "REQUIRED"
default
boolean

Indicates if this Scope is a default scope

description
string

Description of the Scope

displayName
string

Name of the end user displayed in a consent dialog

metadataPublish
string (OAuth2ScopeMetadataPublish)
Default: "NO_CLIENTS"

Indicates whether the Scope is included in the metadata

Enum: "ALL_CLIENTS" "NO_CLIENTS"
name
string

Scope name

optional
boolean
system
boolean

Indicates if Okta created the Scope

Responses
201

Success

400

Bad Request

403

Forbidden

404

Not Found

429

Too Many Requests

post/api/v1/authorizationServers/{authServerId}/scopes
Request samples
application/json
{
  • "consent": "ADMIN",
  • "default": true,
  • "description": "string",
  • "displayName": "string",
  • "metadataPublish": "ALL_CLIENTS",
  • "name": "string",
  • "optional": true,
  • "system": true
}
Response samples
application/json
{
  • "consent": "ADMIN",
  • "default": true,
  • "description": "string",
  • "displayName": "string",
  • "id": "string",
  • "metadataPublish": "ALL_CLIENTS",
  • "name": "string",
  • "optional": true,
  • "system": true
}

Retrieve a Custom Token Scope
OAuth 2.0: okta.authorizationServers.read

Retrieves a custom token scope

Request
path Parameters
authServerId
required
string

id of the Authorization Server

Example: GeGRTEr7f3yu2n7grw22
scopeId
required
string

id of Scope

Example: 0TMRpCWXRKFjP7HiPFNM
Responses
200

Success

403

Forbidden

404

Not Found

429

Too Many Requests

get/api/v1/authorizationServers/{authServerId}/scopes/{scopeId}
Request samples
Response samples
application/json
{
  • "consent": "ADMIN",
  • "default": true,
  • "description": "string",
  • "displayName": "string",
  • "id": "string",
  • "metadataPublish": "ALL_CLIENTS",
  • "name": "string",
  • "optional": true,
  • "system": true
}

Replace a Custom Token Scope
OAuth 2.0: okta.authorizationServers.manage

Replaces a custom token scope

Request
path Parameters
authServerId
required
string

id of the Authorization Server

Example: GeGRTEr7f3yu2n7grw22
scopeId
required
string

id of Scope

Example: 0TMRpCWXRKFjP7HiPFNM
Request Body schema: application/json
required
consent
string (OAuth2ScopeConsentType)
Default: "IMPLICIT"

Indicates whether a consent dialog is needed for the Scope

Enum: "ADMIN" "FLEXIBLE" "IMPLICIT" "REQUIRED"
default
boolean

Indicates if this Scope is a default scope

description
string

Description of the Scope

displayName
string

Name of the end user displayed in a consent dialog

metadataPublish
string (OAuth2ScopeMetadataPublish)
Default: "NO_CLIENTS"

Indicates whether the Scope is included in the metadata

Enum: "ALL_CLIENTS" "NO_CLIENTS"
name
string

Scope name

optional
boolean
system
boolean

Indicates if Okta created the Scope

Responses
200

Success

400

Bad Request

403

Forbidden

404

Not Found

429

Too Many Requests

put/api/v1/authorizationServers/{authServerId}/scopes/{scopeId}
Request samples
application/json
{
  • "consent": "ADMIN",
  • "default": true,
  • "description": "string",
  • "displayName": "string",
  • "metadataPublish": "ALL_CLIENTS",
  • "name": "string",
  • "optional": true,
  • "system": true
}
Response samples
application/json
{
  • "consent": "ADMIN",
  • "default": true,
  • "description": "string",
  • "displayName": "string",
  • "id": "string",
  • "metadataPublish": "ALL_CLIENTS",
  • "name": "string",
  • "optional": true,
  • "system": true
}

Delete a Custom Token Scope
OAuth 2.0: okta.authorizationServers.manage

Deletes a custom token scope

Request
path Parameters
authServerId
required
string

id of the Authorization Server

Example: GeGRTEr7f3yu2n7grw22
scopeId
required
string

id of Scope

Example: 0TMRpCWXRKFjP7HiPFNM
Responses
204

No Content

403

Forbidden

404

Not Found

429

Too Many Requests

delete/api/v1/authorizationServers/{authServerId}/scopes/{scopeId}
Request samples
Response samples
application/json
{
  • "errorCode": "E0000006",
  • "errorSummary": "You do not have permission to perform the requested action",
  • "errorLink": "E0000006",
  • "errorId": "sampleNUSD_8fdkFd8fs8SDBK",
  • "errorCauses": [ ]
}