Modify released scopes in access_token using AM OAuth2 Access Token Modification Script

Inside the default OAuth2 Access Token Modification Script in IdC, we have the following object available.

  • scopes - Set (6). Always present, the requested scopes.

For example, my object equals:
[openid, profile, customScope]

and let's say I want to remove the "customScope" field from the released scopes in the access_token.
No matter what I have tried, I can't modify the scopes object.
Does anyone have an example of how scopes can be added/removed programmatically inside default AM script?

Actually this has worked for me, not sure why it threw an error the first time around.

var newScopes = 'openid profile';
accessToken.setField('scopes', newScopes);

Hi

I think that if you wanted to manipulate scopes in an OAuth2 Access Token Modification script, the getScope and setScope functions are more appropriate.
https://backstage.forgerock.com/docs/am/7.3/_attachments/apidocs/org/forgerock/oauth2/core/AccessToken.html

e.g.

var scopes = accessToken.getScope();
scopes.add("write");
accessToken.setScope(scopes);

With regards

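The removal case asked about at the top of the thread, as an added example that is not part of any post above and is not ForgeRock's code. `FakeScopeSet` and `FakeAccessToken` are constructed stand-ins so the snippet runs outside AM, and `restrictScopes` is a hypothetical helper. It assumes, as the reply's snippet does, that the Set returned by `getScope()` can be modified.

```javascript
// Stand-ins for the AM bindings (constructed for this example). In AM the
// script is handed the real accessToken; only the java.util.Set methods
// used below are mimicked here.
function FakeScopeSet(items) { this.items = items.slice(); }
FakeScopeSet.prototype.toArray = function () { return this.items.slice(); };
FakeScopeSet.prototype.remove = function (s) {
  var i = this.items.indexOf(s);
  if (i < 0) { return false; }
  this.items.splice(i, 1);
  return true;
};
function FakeAccessToken(scopes) { this.scope = new FakeScopeSet(scopes); }
FakeAccessToken.prototype.getScope = function () { return this.scope; };
FakeAccessToken.prototype.setScope = function (s) { this.scope = s; };

// Keep only the scopes on the allowlist and return the names that were
// dropped, so the caller can log what was removed from the token.
// Hypothetical helper built on getScope()/setScope() from the reply above.
function restrictScopes(token, allowed) {
  var scopes = token.getScope();
  var current = scopes.toArray();      // snapshot: safe to remove while looping
  var dropped = [];
  for (var i = 0; i < current.length; i++) {
    var name = String(current[i]);     // Java String -> JS string under Rhino
    if (allowed.indexOf(name) === -1) {
      scopes.remove(current[i]);
      dropped.push(name);
    }
  }
  token.setScope(scopes);
  return dropped;
}

// Constructed sample matching the question: [openid, profile, customScope]
var sampleToken = new FakeAccessToken(["openid", "profile", "customScope"]);
var droppedScopes = restrictScopes(sampleToken, ["openid", "profile"]);
```

Filtering against an allowlist rather than removing one named scope means a scope that is added to the client later is not released until it is listed here.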