Scopes that can be requested when logging in a user.
Constant
System.String Profile = profile
Whether the token can be used to access user profile information (full name, email, images) directly from the AuthServer
Constant
System.String RefreshToken = offline_access
Synonym for OfflineAccess
Constant
System.String OfflineAccess = offline_access
Whether the response can include a refresh token (not available for implicit flows)
Constant
System.String DeploymentServer = deployment_server
Whether the token should be scoped to the currently configured deployment server
Constant
System.String RemoteOrderServer = ros
Whether the token should be scoped to the currently configured live remote order server. This is what third
party remote order providers should use to connect to ROS.
It will need to be combined with org_id in the request to be scoped to a single organisation.
The ROS instance will be the one assigned to org_id. Having no assigned ROS will result in the token request being rejected.
Constant
System.String DataExtractionService = des
Whether the token should be scoped to the currently configured live data extraction server. This is what third
party data extraction service users should use to connect to DES.
It will need to be combined with org_id in the request to be scoped to a single organisation.
The DES instance will be the one assigned to org_id. Having no assigned DES will result in the token request being rejected.
Constant
System.String PartnerService = partnerservices
Whether the token should be scoped to the currently configured live partner server. This is what third
party partner service users should use to connect to PS.
It will need to be combined with org_id in the request to be scoped to a single organisation.
The PS instance will be the one assigned to org_id. Having no assigned PS will result in the token request being rejected.
Constant
System.String ReportingServer = reporting_server
Whether the token should be scoped to the currently configured live reporting server.
It can to be combined with org_id in the request to be scoped to a single organisation.
The RS instance will be the one assigned to org_id. Having no assigned RS will result in a token for the default reporting server
Constant
System.String IntegrationServerAuthServerAccess = ro_auth
Whether the token should be scoped to auth server for using the auth server endpoints.
(this is restricted to registered integration services - it requires the registered integration server keys/secrets)
Constant
System.String IntegrationServerOrganisationAccess = ro_org
Whether the token should be scoped to a particular organisation using a limited set of permissions specific to remote ordering.
Tokens from this scope can be restricted to a single organisation using org_id (they will have permissions ONLY for their registered domain)
or restricted to an entire POSCore which will apply the AuthServerClaims.NoKapow claim.
(this is restricted to registered integration services - it requires the registered integration server keys/secrets)