POST OAuth/GetScopes

Returns all known scopes.

Requirements

  • Roles: Any. See OAuth roles for more information.
  • Token scope:  Admin

Headers

  • Content type: Content-Type:application/json.

  • Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.

Parameters

None

Returns

Response description

Name

Description

HTTP 200

See OAuth result codes.

A Scopes array is returned that lists each known Scope with a RestrictionList array that lists any restrictions to that scope.

HTTP 400

For invalid requests, this call returns HTTP 400 Bad Request and the following data in the message body:

  • Error

    • invalid_request: The request is missing a required parameter or is otherwise malformed.

  • Error_description: If available, additional information about how to retry the request.

HTTP 401

For authentication errors, this call returns HTTP 401 Unauthorized and the following data in the message body:

  • Error

    • invalid_token: The access token is missing, or the provided token is expired, revoked, malformed, or invalid for other reasons.

    • insufficient_rights: The underlying user account does not have sufficient permissions for this request.

  • error_description: If available, additional information about how to retry the request.

HTTP 403

If the response is HTTP 403 Forbidden, the requester's token does not include the admin scope. Call POST Authorize/Oauth with the correct scope and restriction. Update the header with the new token and retry.

  • Error

    • insufficient_scope: The request requires a greater scope than provided by the access token.

  • error_description: If available, additional information about how to retry the request.

Example

Request

POST /vedsdk/oauth/getscopes HTTP/1.1
Host: tpp-server-url
Content-Type: application/json
Accept: application/json
Authorization: Bearer 4MyGeneratedBearerTknz==

{

}			

Response

{
  "Result": 0,
  "Scopes": [
    {
      "RestrictionList": [
        "grantrights",
        "viewlogs"
      ],
      "Scope": "admin"
    },
    {
      "RestrictionList": [],
      "Scope": "configuration"
    },
    {
      "RestrictionList": [],
      "Scope": "security"
    },
    {
      "RestrictionList": [
        "manage"
      ],
      "Scope": "restricted"
    },
    {
      "RestrictionList": [
        "manage",
        "sensitive"
      ],
      "Scope": "statistics"
    },
    {
      "RestrictionList": [],
      "Scope": "codesignclient"
    },
    {
      "RestrictionList": [
        "admin",
        "approve",
        "delete",
        "manage"
      ],
      "Scope": "codesign"
    },
    {
      "RestrictionList": [
        "discover",
        "manage",
        "revoke"
      ],
      "Scope": "certificate"
    },
    {
      "RestrictionList": [
        "manage"
      ],
      "Scope": "ssh"
    },
    {
      "RestrictionList": [
        "delete"
      ],
      "Scope": "agent"
    },
    {
      "RestrictionList": [
        "csp"
      ],
      "Scope": "codesigning"
    }
  ],
  "Success": true
}