Scope(s) to use when authenticating, that control access to specific information. To specify multiple scopes, separate them with a space.

Data Type

string

Default Value

"offline_access okta.agentPools.read okta.apiTokens.read okta.apiTokens.manage okta.apps.read okta.apps.manage okta.authenticators.read okta.authenticators.manage okta.authorizationServers.read okta.authorizationServers.manage okta.behaviors.read okta.brands.read okta.captchas.read okta.devices.read okta.devices.manage okta.domains.read okta.emailDomains.read okta.emailServers.read okta.groups.read okta.groups.manage okta.inlineHooks.read okta.myAccount.password.manage okta.oauthIntegrations.read okta.oauthIntegrations.manage okta.orgs.read okta.policies.read okta.policies.manage okta.profileMappings.read okta.realmAssignments.read okta.realms.read okta.roles.read okta.roles.manage okta.templates.read okta.templates.manage okta.logs.read okta.threatInsights.read okta.trustedOrigins.read okta.users.read okta.users.manage okta.userTypes.read"

Remarks

By default, this property contains all the scopes necessary for accessing the tables and views used by the driver. To reduce the driver's permissions and prevent access to certain tables, scopes can be removed from this property.

Note that a scope must be both listed in this property and enabled in the custom OAuth app in order for the permission to be granted.

Requesting Additional Permissions

If you attempt to perform an action while using the driver and Okta returns an insufficient permissions error, it may be due to a missing required scope. To resolve this issue, call the GetOAuthAuthorizationURL and GetOAuthAccessToken stored procedures, which have inputs for the scope you would like to request. Then set the Scope property to include the required scope and generate a new OAuth access token for a desktop application.

To request more than one scope per authorization request, separate them with a space. For a list of all available Okta scopes, see https://developer.okta.com/docs/api/oauth2/.