OpenID Connect Clients use scope values as defined in 3.3 of OAuth 2.0 RFC 6749 to specify what access privileges are being requested for Access Tokens. The scope associated with Access Tokens determine what resources will be available when they are used to access OAuth 2.0 protected endpoints.

For OpenID Connect, scope can be used to request that specific sets of information be made available as OpenID Connect Claims Values. This document describes only the scope values used by OpenID Connect.

OpenID Connect allows additional scope values to be defined and used. Scope values used that are not understood by an implementation SHOULD be ignored.

OpenID Connect Claims requested by the following scope are treated by Authorization Servers as Voluntary Claims.

OpenID Connect defines the following OpenID Connect Scope values:

Multiple scope values MAY be used by creating a space delimited, case-sensitive list of ASCII scope values.

OpenID Connect Standard Claims#

The OpenID Connect specification defines a set of OpenID Connect Claims, referred to as "OpenID Connect Standard Claims" that can be requested to be returned either in the Userinfo_endpoint or in the Identity Token.

More Information#

There might be more information for this subject on one of the following:

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-16) was last changed on 13-Jun-2017 09:10 by jim