Scopes

Clients use scope values to specify what access privileges are being requested for Access Tokens. The scopes associated with Access Tokens determine what resources will be available when they are used to access OAuth 2.0 protected endpoints. For OpenID Connect, scopes can be used to request that specific sets of information be made available as Claim Values. For an understanding of how scopes are used, see Scope Values.

In addition to the OpenID Connect standard scopes of openid, profile, email, offline_access, address, and phone, PRIVO provides additional scopes to request that specific sets of information be made available as Claim Values.

ScopeDefinition
PRIVOLOCKUsed for API access.
TRUSTVerifies entity is a trusted partner.
user_profileProvides attributes and display names of the User.
additional_infoProvides permissions, role information, site token, shadow account and verification tier for the User.
trust_emailTrusted partnership to allow email to be flagged as "verified".
Requires use case and contract approval.
delete_accountRemoves accounts entirely from the system.
Requires use case and contract approval.
shadowCreates shadow account User
consent_urlDisplays consent URL associated to the given request.
Requires use case and contract approval.