how to specify the scope with oauth2 client application

7.6k Views Asked by zilcuanu At 05 April 2025 at 10:07

I am using Spring Security OAuth2 client application and have provided the below configuration


spring:
  security:
    oauth2:
      client:
        registration:
          okta:
            client-id: 
            client-secret: 
            scope: openid
        provider:
          okta:
            authorization-uri: https://dev-7858070.okta.com/oauth2/default/v1/authorize
            token-uri: https://dev-7858070.okta.com/oauth2/default/v1/token
            user-info-uri: https://dev-7858070.okta.com/oauth2/default/v1/userinfo
            jwk-set-uri: https://dev-7858070.okta.com/oauth2/default/v1/keys

I have specified the scope to only openid, but still getting other scopes like profile and email. I want to just get the openid scope. Where am I going wrong?

Original Q&A

There are 2 best solutions below

Matt Raible On 17 December 2021 at 15:31 BEST ANSWER

You can specify multiple scopes by separating them with a comma.

spring:
  security:
    oauth2:
      client:
        registration:
          okta:
            client-id: 
            client-secret: 
            scope: openid,profile,email

Robert On 11 August 2023 at 23:03

In OAuth2 authorization systems it is possible to define default scopes for a client. The client will always get these scopes, even if it didn‘t request them.

Profile and email are typical default scopes.

how to specify the scope with oauth2 client application

There are 2 best solutions below

Related Questions in SPRING-SECURITY-OAUTH2

Related Questions in OAUTH2CLIENT

Related Questions in SPRING-BOOT-STARTER-OAUTH2-CLIENT

Trending Questions

Popular # Hahtags

Popular Questions