1. Oracle Identity Cloud Service REST APIREST API for Oracle Identity Cloud Service
  2. Managing Authorization
  3. Scopes
  4. Using Trust Scopes
  5. Using the Explicit Trust Scope

Using the Explicit Trust Scope

The Explicit trust scope defines trust scope for only those services where an explicit association between the client and the target service exists.

Note:

The option to define the trustScope parameter is available to only trusted and confidential client applications. The option is not available to public client applications.

You don't have to do anything to use the Explicit trust scope since this is the default assigned to trusted and confidential client application. To use the Account or Tags option, you must update the client application with the trustScope value of either Account or Tags.

Note:

The trustScope attribute of Explicit is named Specific in the Oracle Identity Cloud Service administrative console.

See Using the Account Trust Scope and Using the Tags Trust Scope.

Request and Response Examples

The following examples show request and response examples for the client credentials flow using a fully-qualified scope.

Request Example

curl -i
-H 'Authorization: Basic MzRjYz....Q3OWVk'
-H 'Content-Type: application/x-www-form-urlencoded; charset=utf-8'
--request POST 'https://tenant-base-url/oauth2/v1/token' -d 'grant_type=client_credentials&scope=http://abccorp1.com/scope1'

Response Example

{
    "access_token":"eyJ4NXzF.....rT5SH7sUw",
    "token_type":"Bearer",
    "expires_in":3600
}