An API scope represents a distinct, permission-based boundary that defines the extent of access a client application can request and be granted. API scopes are integral components of the OAuth 2.0 and OpenID Connect (OIDC) frameworks, which are widely used for securing API access and managing user identities.
To manage all API scopes for your team, navigate to API Scopes.
To create a new API scope, click the "Create API Scope" button located in the top left corner of the API Scopes page. This opens a modal window with the following fields:
- Name: A text field where the user can enter the name of the new API scope. This name should be unique and descriptive of the scope's purpose. The name will be prefixed with your tenant’s domain.
- Description: A text area where the user can provide a detailed description of the API scope. The description helps team members understand the scope's purpose and usage. It is optional and will not be exposed to the end user.
Click “Create api scope” after filling out the details about your scope.
Once you have created at least one API scope, this page displays a list of all API scopes for your team. Each scope is represented as a card with the following details:
- Scope name and description
- For convenience, the API scope name can be copied by clicking the copy icon button next to the name
- A link to manage the details of the scope. Clicking this link opens a settings page where you can edit the scope's details or delete the scope.
To authorize the issuing of access tokens for specific clients, see Authorizing API scopes.
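An added example, not part of the original documentation or the product's own code: one way an API receiving an access token can check for a tenant-prefixed scope by exact match on whole scope values rather than by substring. The prefix `tenant.example/`, its separator, the scope names and the sample claims are constructed assumptions, and the token's signature and expiry are assumed to have been validated already.

```python
# Added example: scope enforcement on the API (resource server) side.
# Assumptions: claims come from an already-verified access token, and the
# tenant prefix format below is hypothetical (the page does not define it).

TENANT_PREFIX = "tenant.example/"  # placeholder, not a real tenant domain


def granted_scopes(claims):
    """Return the set of scope values carried in verified token claims.

    RFC 6749 section 3.3 defines `scope` as a space-delimited list of
    case-sensitive strings; some issuers emit a JSON array instead.
    """
    raw = claims.get("scope", "")
    if isinstance(raw, str):
        return set(raw.split())
    if isinstance(raw, (list, tuple)):
        return {s for s in raw if isinstance(s, str)}
    return set()  # unexpected type: treat as no scopes granted


def has_scope(claims, short_name):
    """True only if the fully prefixed scope is present as a whole value."""
    required = TENANT_PREFIX + short_name
    return required in granted_scopes(claims)


# Constructed sample claims (not taken from real tokens).
SAMPLE_OK = {"scope": "openid tenant.example/orders:read"}
# A substring test would wrongly accept this longer, different scope.
SAMPLE_LOOKALIKE = {"scope": "openid tenant.example/orders:readwrite-audit"}
# Same short name without the tenant prefix, or under another tenant.
SAMPLE_UNPREFIXED = {"scope": "openid orders:read"}
SAMPLE_OTHER_TENANT = {"scope": "other.example/orders:read"}
SAMPLE_ARRAY = {"scope": ["openid", "tenant.example/orders:read"]}

if __name__ == "__main__":
    samples = {
        "ok": SAMPLE_OK,
        "lookalike": SAMPLE_LOOKALIKE,
        "unprefixed": SAMPLE_UNPREFIXED,
        "other tenant": SAMPLE_OTHER_TENANT,
        "array form": SAMPLE_ARRAY,
    }
    for label, claims in samples.items():
        print(f"{label:13} -> {has_scope(claims, 'orders:read')}")
```

Comparing the full prefixed name keeps a scope with the same short name from another tenant, or an unprefixed one, from satisfying the check.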