Configure claims value based on the Client Credential

I know you can create custom scope for API and it can be made granular as to include scope specific to read, write, update and delete (ex: scope_read, scope_update) for Client Credential Grant type

I was wondering if I could in some way change the value of the claim under the scope based on the Client Credential in such a way that it is easy for admins to manage it ?

something like this
Credential 1 -
|--------claim_record_reader= ‘Yes’

Credential 2 -
|--------claim_record_reader= ‘No’


You can probably do this with custom claims and with the Okta expression (app.clientId == '{client_id}') ? 'yes' : 'no'. Depending on the number of applications you have, the expression will be more complicated.

it would be great if there was a ui based mechanism through with static value could be assigned for each client credential

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.