All Products
Search
Document Center

Resource Access Management:Add OAuth scopes

Last Updated:Dec 21, 2023

This topic describes how to add OAuth scopes to an application in Resource Access Management (RAM). You can use OAuth scopes to grant the application permissions for Alibaba Cloud resources.

Add OAuth scopes

  1. Log on to the RAM console with an Alibaba Cloud account.

  2. In the left-side navigation pane, choose Integrations > OAuth Preview.

  3. On the Enterprise Applications tab, find the application that you want to manage.

  4. On the Application OAuth Scopes tab, click Add OAuth Scopes.

  5. In the Add OAuth Scopes panel, select the scopes that you want to add.

    Note

    The aliuid and profile scopes are related to ID tokens, and other scopes are related to access tokens.

  6. Click OK.

Configure the required OAuth scopes

After you add OAuth scopes, you can select and clear the required OAuth scopes in the OAuth scope list. For more information, see Add OAuth scope. If Set to Required is selected for an OAuth scope, the required OAuth scope is automatically selected and cannot be canceled when a user grants permissions on the application.

Set to Required

  1. In the OAuth scope list, click Set to Required in the Actions column.

  2. In the message that appears, read the description and click OK.

    Important

    Make sure that the current application requires the permissions. The application must ensure data security and meet regulatory and compliance requirements to use the data and permissions.

Cancel Required

  1. In the OAuth scope list, click Cancel Required in the Actions column.

  2. In the message that appears, click OK.