JoeP.61128 (Customer) asked a question.
Okta User Permission Scopes
I am using Okta’s API Access Management Solution to create an authorization server for users to authenticate against using their credentials.
In the Okta admin portal, I want to configure users to have different permission scopes (for example, I want some users to be able to read YYY-type data and other users to be able to read ZZZ-type data).
Once users have been granted an access token, and it is used on my Flask API server to access an endpoint, I want to be able to detect the scopes that a user has on my server and then execute conditional code blocks based on those scopes.
Does anybody know how I can go about setting up Okta to:
- grant users different types of permission scopes
- decipher the scopes a user has based on the access token sent to my API endpoints
Hello @JoeP.61128 (Customer) Thank you for reacting out to our Community!
In order for users to read that type of information they would need administrator access. I was unable to find any specific documentation on this matter, as such I would recommend to leverage the Okta Developer forums for this type of questions and take advantage of their expertise.
https://devforum.okta.com/
Community members help others by clicking Like or Select as Best on responses. Try it today.
Watch and Learn: New Okta how-to videos, plus what's new this month in the May newsletter.