This section covers authorizing API scopes for a particular application. To create API scopes re-usable by any one of your applications, visit the API Scopes page.
The API scopes tab is used to authorize scopes that can be requested by your client application. To authorize an api-scope, navigate to Applications. Click “settings” on the appropriate application, then click the “API scopes” tab below the name of your application.
On this tab you’ll see a list of all api-scopes that have been defined for your team, given that you’ve created at least one api scope. If you haven’t created any scopes yet, click the “Create api scope” button. This opens a modal with the following fields:
- Name: A text field where the user can enter the name of the new API scope. This name should be unique and descriptive of the scope's purpose. The name will be prefixed with your tenant’s domain.
- Description: A text area where the user can provide a detailed description of the API scope. This description helps team members in understanding the scope's purpose and usage, is optional and will not be exposed to the end-user.
Click “Create api scope” after filling out the details about your scope.
Newly created api-scopes will automatically be authorized for the application it was created under.
Use the “Authorize” toggle to de-authorize a particular api scope for this application. De-authorizing an api scope will result in Kenni not issuing access tokens containing this particular scope if requested by your application.
Good to know: Kenni issues opaque access tokens for clients that have no api-scopes defined.