Skip to main content

Scopes

Passport supports a number of OAuth scopes, which you can request when you initialise the client.

NameTypeDescription
openidOIDCInforms the Authorization Server that the client is making an OpenID connect request. Without this scope, users will not be able to authenticate.
offline_accessOIDCRequests that an OAuth 2.0 Refresh Token be issued. The Refresh Token is used by Passport to automatically rotate expired tokens and during registration to initialise the user's wallet. Without this scope, token rotation, user registration and a number of other operations will fail.
emailOIDCRequests that the client gains access to the users email address. Without this scope, the users email address will not be available to the client.
transactcustomAllows the authenticating application to request Passport transactions.