AppRoles That Can Be Granted to Clients and Users
Identity domains application roles define what a user or application client can do in an identity domain. These AppRoles directly translate into identity domain OAuth scopes that are used to secure access to protected identity domain resources. Some AppRoles are available only to clients. Some AppRoles are available to both clients and users.
AppRoles Granted Only to Clients
-
Authenticator Client
-
Change Password
-
Cloud Gate
-
DB administrator
-
Forgot Password
-
Kerberos Authenticator
-
Me
-
MFA Client
-
Reset Password
-
Self Registration
-
Signin
-
Verify Email
AppRoles Granted to Clients and Users
-
Authenticator Client
-
Change Password
-
Cloud Gate
-
DB administrator
-
Forgot Password
-
Kerberos administrator
-
Me
-
MFA Client
-
Reset Password
-
Self Registration
-
Signin
-
Verify Email