search

Scopes

Scopes define the permissions and claims the client requests from the authorization server during the OIDC flow. The scope parameter is mandatory in the authorization request and must include openid. Additional scopes may be requested to obtain specific claims or access certain resources.

circle-exclamation

The scope parameter will be mandated in the next major version of the API. Once the scope parameter is mandated, any requested scope that is not recognized or authorized by the authorization server will result in an error. Plan to update your applications to include this parameter. We strongly recommend reviewing the updated API documentation and transitioning to alternative fields as soon as possible to avoid disruptions.

hashtag
Supported Scopes

Scope
Description
Data Access

openid

Mandatory scope to indicate the request is an OpenID Connect flow.

Required for all requests.

authinfo

View authorization details for the authenticated user.

Auth Info Endpoint

  • AuthInfo

tpauthinfo

View third-party authorization details for the authenticated user.

Auth Info Endpoint

  • TPAuthInfo

business_profile.email

View acting user's Corppass registered email address.

For transactional and notification purposes only. Not intended for use as a user identifier, authentication, or contact database. Note that this scope will be deprecated and replaced by user.corppass.email in the upgraded FAPI 2.0 Security Profile. See FAPI 2.0: Scopes for more details.

ID Token

  • email

  • email_verified

Usage Example

When requesting scopes in the authorization URL, include them as a space-separated list in the scope parameter:

Example Request

https://stg-id.corppass.gov.sg/mga/sps/oauth/oauth20/authorize
?client_id=example_client
&response_type=code
&scope=openid authinfo
&redirect_uri=https://example.com/callback
&state=xyz123
&nonce=abc456
PreviousJWKS EndpointNextCorppass Authorization API (FAPI 2.0)

Last updated