Skip to content

Configure Scope Verification Service

This section describes how to configure Scope Verification Service for the Onegini Token Server.

REST-based Scope Verification Service

The Onegini Token Server assumes Scope Verification Service to be available as an external application exposing HTTP endpoint for scope verification. This service can either be a small component that translates our API to a vendor specific API or it can be a middleware layer which already has access to the implementation.

The REST API that the Onegini Token Server uses is described in the API specification.

If you want to use REST-based Scope Verification Service set the Scope Verification Service Docker Compose environment variable to restScopeVerificationService. Additional configuration is needed to specify the details of the REST endpoint.

Disabling Scope Verification Service

If you do not need the Token Server to perform scope verification you can set the Scope Verification Service Docker Compose environment variable to noOpScopeVerificationService.