I need to provide read-only access to a vendor for an integration. The service account only needs access to read a few identity attributes. What scope do I need to assign to the client ID to grant them read-only access? I understand sp:scopes:all will give the token full access, as the account I am using to create the token has admin rights.
I was able to make it work with Report Admin, as they don’t allow any updates. HelpDesk Admin allows you to enable/disable/unlock accounts.
However, I was looking to control the access with scope, without using scope:all. Though it looks like I will have to assign scope:all to the client ID and control the access with the role assigned to the account.