<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base

Adding a Custom Scope to SCIM OAuth Flow in Okta

Last Updated:

API Access Management
Okta Classic Engine
Okta Identity Engine

Overview

This article explains how to include a custom scope when configuring the System for Cross-domain Identity Management (SCIM) protocol with an OAuth 2.0 flow when required by the downstream SCIM application.

Applies To

  • OAuth2
  • System for Cross-domain Identity Management (SCIM)
  • Provisioning
  • Okta Classic Engine
  • Okta Identity Engine (OIE)

Solution

Adding custom scopes is supported when configuring the SCIM connection using an OAuth 2.0 flow. As two different OAuth 2.0 Grant Types are available for SCIM, make sure to follow the instructions for the Grant Type supported by the integration.

Authorization Code

Add each scope to the authorize URL as a query parameter, separated by a space.

/authorize?scope=customscope1 customscope2


Custom Scope Example

Client Credentials

Add each scope to the token URL as a query parameter, separated by a space.

/token?scope=customscope1 customscope2

Client Credentials

Recommended content

Still looking for help?
Loading
Okta Support - Adding a Custom Scope to SCIM OAuth Flow in Okta