Manual Chapter : About OAuth Scope

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 15.0.1, 15.0.0
Manual Chapter

About OAuth Scope

The OAuth Scope agent validates JSON web tokens (JWT) or validates scopes for opaque tokens. The OAuth Scope item provides these elements and options:
Token Validation Mode
  • Internal
    - In this mode, the agent validates JSON web tokens (JWT).
  • External
    - In this mode, the agent makes requests to an OAuth authorization server to get scopes associated with a token and to get scope data, such as a user's email address or contact list.
JWT Provider List
Specifies a list of OAuth providers that support JWT. The agent validates JWT from any of these providers when configured. For
Internal
mode.
Server
Specifies an OAuth server. OAuth servers in resource server, or client and resource server modes are available for selection. For
External
mode.
Scopes Request
Specifies a validation-scopes-request type request. This request type retrieves a list of scopes associated with the token. For
External
mode.
In
External
mode, there can be multiple scope data requests in this agent with these elements:
Scope Name
Specifies the name of a scope for which you are requesting data. (The external OAuth provider specifies the names of the scopes that it supports.)
Request
Specifies a scope-data-request type request. This is optional. If the provider does not require this type of request to obtain additional information from an authorization server, you do not need to fill in this field.
Requests are configured in the
Access
Federation
OAuth Client / Resource Server
Requests
area of the product.