SailPoint · OAuth Scopes

SailPoint OAuth Scopes

OAuth 2.0 derived

SailPoint publishes 11 OAuth 2.0 scopes via the clientCredentials and authorizationCode flows. Scopes are the fine-grained permissions an application requests at authorization time to act against the SailPoint API on a user’s behalf.

Tokens are issued from https://{tenant}.api.identitynow.com/oauth/token.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

Access GovernanceComplianceIAMIdentity ManagementIdentity SecuritySecurity
Scopes: 11 Flows: clientCredentials, authorizationCode Method: derived

OAuth endpoints

Authorization URL
https://{tenant}.identitynow.com/oauth/authorize
Token URL
https://{tenant}.api.identitynow.com/oauth/token
Flows
clientCredentialsauthorizationCode

Scopes (11)

ScopeDescriptionFlows
idn:access-profile:manage Manage access profiles authorizationCode, clientCredentials
idn:access-profile:read Read access profiles authorizationCode, clientCredentials
idn:certification:manage Manage certifications authorizationCode, clientCredentials
idn:certification:read Read certifications authorizationCode, clientCredentials
idn:entitlement:read Read entitlements authorizationCode, clientCredentials
idn:identity-profile:manage Manage identity profiles authorizationCode, clientCredentials
idn:identity-profile:read Read identity profiles authorizationCode, clientCredentials
idn:identity:read Read identity information authorizationCode, clientCredentials
idn:role-unchecked:manage Manage roles authorizationCode, clientCredentials
idn:role-unchecked:read Read roles authorizationCode, clientCredentials
idn:sources:read Read sources authorizationCode, clientCredentials

Source

OAuth Scopes

sailpoint-scopes.yml Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/identity-security-cloud-v3.yml
schemes:
- name: oauth2
  source: openapi/identity-security-cloud-v3.yml
  flows:
  - flow: clientCredentials
    tokenUrl: https://{tenant}.api.identitynow.com/oauth/token
  - flow: authorizationCode
    authorizationUrl: https://{tenant}.identitynow.com/oauth/authorize
    tokenUrl: https://{tenant}.api.identitynow.com/oauth/token
  description: OAuth 2.0 authentication. Use client credentials or authorization code flow to
    obtain access tokens.
scopes:
- scope: idn:access-profile:manage
  description: Manage access profiles
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/identity-security-cloud-v3.yml
- scope: idn:access-profile:read
  description: Read access profiles
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/identity-security-cloud-v3.yml
- scope: idn:certification:manage
  description: Manage certifications
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/identity-security-cloud-v3.yml
- scope: idn:certification:read
  description: Read certifications
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/identity-security-cloud-v3.yml
- scope: idn:entitlement:read
  description: Read entitlements
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/identity-security-cloud-v3.yml
- scope: idn:identity-profile:manage
  description: Manage identity profiles
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/identity-security-cloud-v3.yml
- scope: idn:identity-profile:read
  description: Read identity profiles
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/identity-security-cloud-v3.yml
- scope: idn:identity:read
  description: Read identity information
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/identity-security-cloud-v3.yml
- scope: idn:role-unchecked:manage
  description: Manage roles
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/identity-security-cloud-v3.yml
- scope: idn:role-unchecked:read
  description: Read roles
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/identity-security-cloud-v3.yml
- scope: idn:sources:read
  description: Read sources
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/identity-security-cloud-v3.yml