I’m working to integrate okta oidc into a product called SmileCDR. The SmileCDR product expects the access token scope claim to be called “scope”(rather than “scp”), and it expects the value to be a space delimited string of scope names. I believe the scope/scp issue can be worked around, but I am hung up on the space delimited scope string versus an array. Does anyone know of a built in configuration to work around this? If not, I may look into some type of token hook implementation.
Are you using a custom Authorization server? Can you try adding your own scope claim to your Access Tokens with the following expression to see if it works for your use case? String.replace(Arrays.toCsvString(access.scope),","," ")
That is working wonderfully. Thank you so much for your quick response. I was not familiar with the access variable that you are using within your expression so I’ll have to see if I can find some documentation of what all options are available.
We released the ability to set your own “scope” claim and added the access.scope expression to return the string array of scopes requested in a previous release, documented here. I’ll look to get this included in our regular documentation as well, since its not easy to find this option.
Based on your use case, I used our Array and String functions to convert the string array that was returned into a string matching your requirements
