Scopes

Scopes define the permissions and claims the client requests from the authorization server during the OIDC flow. The scope parameter is mandatory in the authorization request and must include openid. Additional scopes may be requested to obtain specific claims or access certain resources.

The scope parameter will be mandated in the next major version of the API. Once the scope parameter is mandated, any requested scope that is not recognized or authorized by the authorization server will result in an error. Plan to update your applications to include this parameter. We strongly recommend reviewing the updated API documentation and transitioning to alternative fields as soon as possible to avoid disruptions.

Supported Scopes

Scope

Description

openid

Mandatory scope to indicate the request is an OpenID Connect flow. Required for all requests.

authinfo

Provides authorization details for the authenticated user.

tpauthinfo

Provides third-party authorization details for the authenticated user.

business_profile.email

Includes the user's verified email address tied to their business profile in the ID token claims.

Usage Example

When requesting scopes in the authorization URL, include them as a space-separated list in the scope parameter:

Example Request

https://stg-id.corppass.gov.sg/mga/sps/oauth/oauth20/authorize
?client_id=example_client
&response_type=code
&scope=openid authinfo business_profile.email
&redirect_uri=https://example.com/callback
&state=xyz123
&nonce=abc456

PreviousJWKS Endpoint NextAuthorization Endpoint

Last updated 5 months ago