Search only in titles

---

Generating the OAuth Access Token

Authentication and Session Management

When generating an OAuth access token, you must include a scope object to define the resource and operation permissions granted by the token. There are two Oracle Identity Cloud Service scopes available. Both contain all the permissions and privileges granted to the user's roles as specified in the token.

• urn:opc:idm:__myscopes__: This scope will generate an OAauth token with the same expiry as you configured in the JWT User Assertion. The upper limit for the expiry of this token is 3600 seconds (1 hour). The lower limit is 60 seconds. If the JWT User Assertion was greater than 3600 seconds, this scope returns a token with an expiry of 3600 seconds.
• urn:opc:idm:__myscopes__ urn:opc:resource:expiry=<valueinseconds>: This scope will generate an OAuth token with an expiry you specified, or the same expiry as you configured in the JWT User Assertion. The upper limit for the expiry of this token is 31556952 seconds (1 year).

You can chose from the following methods to generate the OAuth access token:

• Using Client ID and Secret
• Using JWT Client Assertion

Related Topics

Using Client ID and Secret

Using JWT Client Assertion

---

Last Published Tuesday, April 1, 2025