Managing scopes

A scope defines the services that the client can access on behalf of the resource owner. A scope consists of a name and one or more services. If access is granted for a scope, then access is granted for all the services in that scope. When a request is made, webMethods Integration verifies that the scope is defined for a client. The client is allowed to access only the service URLs that are specified for the scope. If the requested scope is not defined, webMethods Integration returns an error that the scope is invalid.

1. Select Settings > OAuth 2.0 > Scope Management > Add New Scope.
2. On the Add New Scope dialog box, complete the following fields. Required fields are marked with an asterisk on the screen.
   1. In Name, type a unique name for the scope. You cannot modify the scope name after a scope is saved. Scope names are not case-sensitive.
   2. In Description, type a description of the scope.
   3. The Service URLs field appears after you add the exposed flow services and REST Resources. You can select both flow services and REST Resources. A Service URL is a relative URL and it must start with /integration.
      For example, if the absolute URL is https://sub-domain.domain name/integration/rest/external/integration/run/development/projectID/flowservicename, then the Service URL is integration/rest/external/integration/run/development/fl1deb3b8565a30f0d557919/flow1. For REST APIs, if the absolute URL is /integration/restv2/development/projectID/RESTAPIName/ResourceName, then the Service URL is /integration/restv2/development/fl1deb3b8565a30f0d557919/customswagger/rad.
      Note: If a REST API request URL is as /abc/{pathvariable} and when you define the scope by using this REST API, specify the value of the scope as /abc/*
   4. Click Add new Service to select the services that the client can access on behalf of the resource owner for running the Flow services and REST Resources. Select the exposed flow services and REST resources that you want to add as Service URLs from the listed projects. The services dialog box displays the exposed flow services and REST resources available in all projects, that is, in custom projects and in the default project.
   Note: You can search by the project name, flow service name, or by the REST API name. The search function works for flow services and REST APIs only after you expand the flow services or REST API nodes in that project. First search for the project and then the flow services and REST APIs in that project. In the Services dialog box, select the exposed flow services and REST APIs that you want to add as service URLs. Then click Add or Update to add or update the respective service URLs to that scope.