Scope
Scope is a parameter defined in the OAuth 2.0 standards (RFC 6749) that enables a client to specify the scope of the access request. The value of the scope parameter is expressed as a list of space-delimited, case-sensitive strings, although some implementations of scope use a comma-delimited format. Scopes limit access for OAuth2 tokens and do not grant any additional permission beyond that which the client already has.
Scopes apply to applications only. Scopes play a crucial part in defining the ultimate access to a resource by a User:
User’s Roles / Permissions + Claims + Application Scopes
Turium Enigma services follow these standard naming conventions for scopes.
`{actions}` are common authorizations across resources.
Action | Description | Examples |
---|---|---|
`read` | Read only access (GET) | `receipts.read`, `budgetitem.read` |
`write` | Read AND Write access (GET, POST, UPDATE etc) | `company.write`, `travel.receipts.write` |
`writeonly` | Write only access | `mileage.journey.writeonly`, `receipts.writeonly` |
`delete` | Delete access | N/A |
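
The following sketch shows how a resource server could enforce the action semantics in the table above when it receives a token's scope value. It is an added example, not Turium Enigma code. It assumes the action is the last dot-separated segment of a scope (as in the examples shown), that resource names must match exactly, and that `delete` is granted only by a `delete` scope; the function names are hypothetical.

```python
import re

# Operations each action grants, per the table above.
# Assumption: "write" does not include delete.
ACTION_GRANTS = {
    "read": {"read"},
    "write": {"read", "write"},
    "writeonly": {"write"},
    "delete": {"delete"},
}


def parse_scopes(raw):
    """Split a scope value into a set of scope strings.

    Accepts the RFC 6749 space-delimited form and the comma-delimited
    variant. Strings are kept as-is because scopes are case-sensitive.
    """
    return {s for s in re.split(r"[ ,]+", raw.strip()) if s}


def split_scope(scope):
    """Return (resource, action), or None when the scope is malformed."""
    resource, sep, action = scope.rpartition(".")
    if not sep or not resource or action not in ACTION_GRANTS:
        return None
    return resource, action


def is_allowed(raw_scopes, resource, operation):
    """True if any granted scope covers `operation` on `resource`.

    `operation` is one of "read", "write" or "delete". Unknown or
    malformed scopes grant nothing, so the check fails closed.
    """
    for scope in parse_scopes(raw_scopes):
        parsed = split_scope(scope)
        if parsed is None:
            continue
        granted_resource, action = parsed
        if granted_resource == resource and operation in ACTION_GRANTS[action]:
            return True
    return False


if __name__ == "__main__":
    token_scopes = "receipts.writeonly,company.write"  # constructed sample
    print(is_allowed(token_scopes, "company", "read"))   # write covers read
    print(is_allowed(token_scopes, "receipts", "read"))  # writeonly does not
```

A scope check like this only narrows what the application may do; the user's own roles, permissions and claims still have to be evaluated separately.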