I am using Okta’s API Access Management Solution to create an authorization server for users to authenticate against using their credentials.
In the Okta admin portal, I want to configure users to have different permission scopes (for example, I want some users to be able to read YYY-type data and other users to be able to read ZZZ-type data).
Once users have been granted an access token, and it is used on my Flask API server to access an endpoint, I want to be able to detect the scopes that a user has on my server and then execute conditional code blocks based on those scopes.
Does anybody know how I can go about setting up Okta to:
- grant users different types of permission scopes
- decipher the scopes a user has based on the access token sent to my API endpoints