Red Hat Enterprise Linux · OAuth Scopes

Red Hat Enterprise Linux OAuth Scopes

OAuth 2.0 searched

Red Hat Enterprise Linux publishes 1 OAuth 2.0 scope via the password flow. Scopes are the fine-grained permissions an application requests at authorization time to act against the Red Hat Enterprise Linux API on a user’s behalf.

Tokens are issued from https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

AutomationComplianceEnterpriseLinuxOperating SystemRed HatRHELSecuritySubscription ManagementVulnerability Management
Scopes: 1 Flows: password Method: searched

OAuth endpoints

Token URL
https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token
Flows
password

Scopes (1)

ScopeDescriptionFlows
api.console Grants a service account access to Red Hat Hybrid Cloud Console APIs (Insights, Compliance, Vulnerability, Patch, Inventory, Remediations) via the client_credentials grant against the Red Hat SSO token endpoint; fine-grained permissions are managed through Hybrid Cloud Console User Access (RBAC) groups rather than additional OAuth scopes.

Source

OAuth Scopes

rhel-scopes.yml Raw ↑
generated: '2026-07-11'
method: searched
source: openapi/rhel-subscription-management-openapi.yml
docs: https://docs.redhat.com/en/documentation/red_hat_insights/1-latest/html/using_the_red_hat_insights_api/apis-authentication
schemes:
- name: OAuth2
  source: openapi/rhel-subscription-management-openapi.yml
  flows:
  - flow: password
    tokenUrl: https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token
scopes:
- scope: api.console
  description: Grants a service account access to Red Hat Hybrid Cloud Console APIs
    (Insights, Compliance, Vulnerability, Patch, Inventory, Remediations) via the
    client_credentials grant against the Red Hat SSO token endpoint; fine-grained
    permissions are managed through Hybrid Cloud Console User Access (RBAC) groups
    rather than additional OAuth scopes.
  sources:
  - https://docs.redhat.com/en/documentation/red_hat_insights/1-latest/html/using_the_red_hat_insights_api/apis-authentication
note: api.console is the only OAuth scope Red Hat documents for its APIs; console.redhat.com
  access control is RBAC-based, and the Subscription Management API instead uses
  an offline-token refresh flow (client_id rhsm-api) with no scopes per https://access.redhat.com/articles/3626371.