Personalize your external client apps by using OAuth custom scopes. Like with connected
apps, OAuth custom scopes define the permissions of an external client app to access protected
resources hosted by an external entity. External client apps support packaging these custom scopes
for distribution.
Required Editions
Available in: Professional, Performance, Unlimited, and
Developer Editions
OAuth custom scopes for external client apps work the same as OAuth custom scopes for connected
apps. To use a custom scope, you must first create the scope and then assign it to the
external client app.
Custom scopes can be set in the Policies, Settings, and Package Defaults tabs for external
client apps. Developers can set custom scopes for local external client apps and define default
values for apps for packaging. Admins can add, edit, or remove custom scopes from their external
client apps.
Custom Scopes and 2GP Managed Packaging
Because custom scopes are created independently from external client apps, they must be packaged
separately as well. To package an external client app with custom scopes, package the custom
scopes by using second-generation (2GP) managed packaging, and then package the external client
app as a 2GP managed package. To install an external client app that includes custom scopes, you
must install the custom scope package before you install the external client app package.
If your custom scopes use custom labels as descriptions, package these labels separately as well.
In this case you must package the custom labels by using 2GP managed packaging, then package the
custom scopes by using 2GP managed packaging, and then package the external client app as a 2GP
managed package. The installation process must follow this order as well. To install an external
client app that includes custom scopes with custom labels, first install the custom label
package, then the custom scope package, and then install the external client app package.
Did this article solve your issue?
Let us know so we can improve!
Loading
Salesforce Help | Article
Cookie Consent Manager
General Information
Required Cookies
Functional Cookies
Advertising Cookies
General Information
We use three kinds of cookies on our websites: required, functional, and advertising. You can choose whether functional and advertising cookies apply. Click on the different cookie categories to find out more about each category and to change the default settings.
Privacy Statement
Required Cookies
Always Active
Required cookies are necessary for basic website functionality. Some examples include: session cookies needed to transmit the website, authentication cookies, and security cookies.
Functional Cookies
Functional cookies enhance functions, performance, and services on the website. Some examples include: cookies used to analyze site traffic, cookies used for market research, and cookies used to display advertising that is not directed to a particular individual.
Advertising Cookies
Advertising cookies track activity across websites in order to understand a viewer’s interests, and direct them specific marketing. Some examples include: cookies used for remarketing, or interest-based advertising.
