OAuth2.0/OpenID Connect – FAQ


Question: The authorization request which is sent to Identify contains the scope: openid. However the Identify returns the error code: invalid_scope like this sample:

What could be going wrong here?

Answer: “openid” is the special scope to define the current OAuth2.0 SP is the OpenID Connect. Please verify the OAuth2.0 protocol connection setup and enable the setting: “Use as OpenID Connect” is enable

Screenshot_11


Question: The authorization request which is sent to Identify contains the standard scopes, e.g email profile. However the Identify returns the error code: invalid_scope like this sample:

What could be going wrong here?

Answer: You need to verify if you add those scopes to your OAuth2.0 protocol connection or not. If not, you can add it via the “Scopes for consent” section by clicking Add button and fill the required value (the code value must be your scope name)

Screenshot_12

here is its UI at SafewhereAdmin when you open the OpenID:

Screenshot_13

For more explanation for the scope UI, please refer: http://docs.safewhere.com/identify-add-protocal-connection/