Create or update application default scope

put

https://Use API Lookup for a base URL/apps/{app}/defaultScope

Create or update the default scope for the application identified by the provided HRN.

Application Default Scope Management APIs enabled authorized identities to manage the the default scope for a given application. The default scope represents the default value for the "scope" parameter when requesting a client_credentials OAuth2 token if no "scope" parameter is specified. If a "scope" parameter is specified when requesting a client_credentials OAuth2 token, the default scope value will be disregarded.

Access Control:

The calling principal must have "manage" or "write" action permission for the resource "{app}" in the "account" service.

Path Params

app

string

required

HRN identifying the application. Must be URL-encoded, if reserved characters ":/?#[]@!$&'()*+,;=" are used. see https://tools.ietf.org/html/rfc3986#section-2.2.

Body Params

scope

string

required

The default requested scope for the given application.

isRestricted

boolean

Defaults to false

Boolean value indicating whether or not the given application should be restricted from requesting a client token with a different scope from the default value. Access tokens with NO scope are allowed with this value set to true unless the 'alwaysProjectScope' setting is also true. This value has no effect on the scope of API Keys which are assigned no scope unless 'alwaysProjectScope' is set to true.

alwaysProjectScope

boolean

Defaults to false

Indicates whether or not the given application is locked to the default scope. When this value is set to true, both API Keys and Access Tokens for this app are always assigned the default project. In addition, the given application cannot be added to any additional projects or groups. Any attempt to get an unscoped access token for the given application will fail. Any API Keys associated with the given application are assigned the default scope.

Headers

X-Correlation-ID

string

Correlates HTTP requests between a client and server. If not present in the incoming request, it will be generated. This header and value will be included in all loglines including access logs. It will also be propagated to downstream services and returned in the response.

X-Request-ID

string

The unique for the request, used to track this request within the service. X-Request-ID value is NOT propagated to the downstream services.

Responses

200OK

400Invalid input provided, see error response for details

401Access is denied due to invalid credentials

403You do not have permission to perform this action

404The requested resource was not found, see error response for details