Scope(s) to use when authenticating, that control access to specific information. To specify multiple scopes, separate them with a space.

Data Type

string

Default Value

"offline_access okta.agentPools.read okta.apiTokens.read okta.apiTokens.manage okta.apps.read okta.apps.manage okta.authenticators.read okta.authenticators.manage okta.authorizationServers.read okta.authorizationServers.manage okta.behaviors.read okta.brands.read okta.captchas.read okta.devices.read okta.devices.manage okta.domains.read okta.emailDomains.read okta.emailServers.read okta.groups.read okta.groups.manage okta.inlineHooks.read okta.myAccount.password.manage okta.oauthIntegrations.read okta.oauthIntegrations.manage okta.orgs.read okta.policies.read okta.policies.manage okta.profileMappings.read okta.realmAssignments.read okta.realms.read okta.roles.read okta.roles.manage okta.templates.read okta.templates.manage okta.logs.read okta.threatInsights.read okta.trustedOrigins.read okta.users.read okta.users.manage okta.userTypes.read"

Remarks

By default, this property contains all the scopes necessary for accessing the tables and views used by the driver. To reduce the driver's permissions and prevent access to certain tables, scopes can be removed from this property.

Note that a scope must be both listed in this property and enabled in the custom OAuth app in order for the permission to be granted.

To request more than one scope per authorization request, separate them with a space. For a list of all available Okta scopes, see https://developer.okta.com/docs/api/oauth2/.