Configuring scopes for already authorised client - easy when you know how!

Just wasted a fair amount of time trying to figure out how to grant a client app a different set of scopes for an api, management api in this case. I set up the client app quite some time back so forgot quite how the dashboard worked .So I have a client (app) that is using client credential grant to get access token for the management api. Was driving me nuts to see where to add another scope that I needed, I eventually came across this page Update Grant Types but even that didn’t lead me down the right path to start with. I followed another link in the page explaining how to use a hook to add additional scopes I did that and it worked but I was convinced this was not the correct / best route.

So I came back today for another look. BTW I’m using asp.net with OWN, I was thinking there was a way to add scope options on the authenticationApiClient.GetTokenAsync but no.

But today I found the config I needed on the dashboard. So for anyone else apparently as dumb as me.

browse to the apis tab. select api in question, select machine to machine apps tab, AND this is what caught me out, as my app was already authorised I never spotted the little down arrow to the right to expand the hidden container, containing the SCOPES, ahhhh!!!

Having played with the UI I now see that when you authorise the required app (the green switch button) it does then expand scopes container BUT really you need to make this much more obvious, maybe change the down arrow to a button “Scopes…”

Also I could not find any documentation leading me to this. The docs at Update Grant Types show a screenshot of the client to api authorisation but with the scopes container collapsed. Having that screenshot with scopes expanded and explaining in the text would have saved me hours.

Thanks

Hi @wayneb,

I agree with you. I went digging and the relevant info was hard to find. I found the instructions you were looking for in one of the architecture scenario docs (link below), but it certainly wasn’t obvious. I opened an issue with the docs folks to address this.

1 Like