This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Management API for Application details returns no scopes

Posted on 08-12-2024 01:58 AM
shawkyfoda
Silver 1
Silver 1
Reply posted on --/--/---- --:-- AM

I have an application granted some products and some of these products have some scopes. 

I expected when query the application details using Apigee management API to retrieve all the scopes associates  with all granted products, However I got an empty scopes !!! 

Any Advise ?

1 1 110
Topic Labels
1 REPLY 1

Posted on --/--/---- --:-- AM
kurtkanaskie
Staff
Reply posted on --/--/---- --:-- AM

I agree, the docs here https://cloud.google.com/apigee/docs/api-platform/security/oauth/working-scopes#howarescopesassigned... imply the App will have all the scopes for the products, but they are not shown on the App itself. However, when you create an access token for that App, the token will have all the scopes. You can request less scopes in the OAuth token generation call, but with none, you'll get all scopes.

Now, if you create an App with certain scopes (via the API), they are listed in the App and OAuth tokens created for that App will be restricted to those scopes.

Bottom line, even though the App does not show any scopes when created in the UI, it has the ability to request any of the scopes available in the API Products for the App, in an OAuth token.

Top Solution Authors
View all