Scopes
Scopes are used during authentication to authorise access to a user's details.
In the context of Corppass, each scope grants access to a set of entity or acting user's attributes called claims. Once authorised, these claims are turned in an ID Token (via the Token Endpoint) and/or made available via the Userinfo Endpoint.
Usage
To initiate an OpenID Connect flow, clients must specify the desired permissions as a space-delimited list in the scope parameter of the request.
Refer to the Pushed Authorization Request section for detailed specifications on constructing the request.
Consent Screen
Depending on the requested scopes, a consent screen may be displayed to the end user during authorization. The consent screen informs the user about the data or permissions being requested and allows them to grant or deny access.
Supported Scopes
Protocol Scopes
openid
Mandatory scope to indicate the request is an OpenID Connect flow.
Required for all requests.
Authorization Scopes
Entity Scopes
entity.identity
View entity identity - includes entity type, registration number, and country of incorporation.
sub_attributes
entity_typeentity_reg_numberentity_coi
User Scopes
user.identity
View acting user's identity - includes account type, identity number, and country of issuance.
act.sub_attributes
account_typeidentity_numberidentity_coi
user.corppass.email
View acting user's Corppass registered email address.
act.sub_attributes
corppass_emailcorppass_email_verified
Last updated