Note: This endpoint is in preview and is subject to change.
If you have any feedback, contact Datadog support.
POST https://api.ap1.datadoghq.com/api/v2/oauth2/clients/{client_uuid}/scopes_restrictionhttps://api.ap2.datadoghq.com/api/v2/oauth2/clients/{client_uuid}/scopes_restrictionhttps://api.datadoghq.eu/api/v2/oauth2/clients/{client_uuid}/scopes_restrictionhttps://api.ddog-gov.com/api/v2/oauth2/clients/{client_uuid}/scopes_restrictionhttps://api.us2.ddog-gov.com/api/v2/oauth2/clients/{client_uuid}/scopes_restrictionhttps://api.datadoghq.com/api/v2/oauth2/clients/{client_uuid}/scopes_restrictionhttps://api.us3.datadoghq.com/api/v2/oauth2/clients/{client_uuid}/scopes_restrictionhttps://api.us5.datadoghq.com/api/v2/oauth2/clients/{client_uuid}/scopes_restriction
Overview
Create or update the scopes restriction configured for the OAuth2 client.
This endpoint requires the org_authorized_apps_write permission.
Arguments
Path Parameters
UUID of the OAuth2 client.
Request
Body Data (required)
Expand All
Data object of an upsert OAuth2 scopes restriction request.
Attributes of an upsert OAuth2 scopes restriction request.
OIDC scopes the client is allowed to request.
Datadog permission scopes the client is allowed to request.
Each value must be a valid permission name.
JSON:API resource type for an upsert OAuth2 client scopes restriction request.
Allowed enum values: upsert_scopes_restriction
default: upsert_scopes_restriction
{
"data": {
"attributes": {
"oidc_scopes": [
"openid",
"email"
],
"permission_scopes": [
"dashboards_read",
"metrics_read"
]
},
"type": "upsert_scopes_restriction"
}
}
Response
OK
Response payload describing the scopes restriction of an OAuth2 client.
Expand All
Data object of an OAuth2 client scopes restriction response.
Attributes of an OAuth2 client scopes restriction.
required_permission_scopes [required]
Permission scopes automatically required for this client (for example, mobile-app permission scopes).
Returns null when no scopes are required.
scopes_restriction [required]
Allowlist of OIDC and permission scopes enforced for the OAuth2 client.
OIDC scopes the client is restricted to.
permission_scopes [required]
Datadog permission scopes the client is restricted to.
UUID of the OAuth2 client this restriction applies to.
JSON:API resource type for an OAuth2 client scopes restriction.
Allowed enum values: scopes_restriction
default: scopes_restriction
{
"data": {
"attributes": {
"required_permission_scopes": [
"mobile_app_access"
],
"scopes_restriction": {
"oidc_scopes": [
"openid",
"email"
],
"permission_scopes": [
"dashboards_read",
"metrics_read"
]
}
},
"id": "fafa8e1c-36a5-11f0-a83d-da7ad0900001",
"type": "scopes_restriction"
}
}
Bad Request
API error response.
Expand All
A human-readable explanation specific to this occurrence of the error.
Non-standard meta-information about the error
References to the source of the error.
A string indicating the name of a single request header which caused the error.
A string indicating which URI query parameter caused the error.
A JSON pointer to the value in the request document that caused the error.
Status code of the response.
Short human-readable summary of the error.
{
"errors": [
{
"detail": "Missing required attribute in body",
"meta": {},
"source": {
"header": "Authorization",
"parameter": "limit",
"pointer": "/data/attributes/title"
},
"status": "400",
"title": "Bad Request"
}
]
}
Not Found
API error response.
Expand All
A human-readable explanation specific to this occurrence of the error.
Non-standard meta-information about the error
References to the source of the error.
A string indicating the name of a single request header which caused the error.
A string indicating which URI query parameter caused the error.
A JSON pointer to the value in the request document that caused the error.
Status code of the response.
Short human-readable summary of the error.
{
"errors": [
{
"detail": "Missing required attribute in body",
"meta": {},
"source": {
"header": "Authorization",
"parameter": "limit",
"pointer": "/data/attributes/title"
},
"status": "400",
"title": "Bad Request"
}
]
}
Too many requests
{
"errors": [
"Bad Request"
]
}
Code Example
## default
#
# Path parameters
export client_uuid="fafa8e1c-36a5-11f0-a83d-da7ad0900001"
# Curl command
curl -X POST "https://api.ap1.datadoghq.com"https://api.ap2.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.us2.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/oauth2/clients/${client_uuid}/scopes_restriction" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "DD-API-KEY: ${DD_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DD_APP_KEY}" \
-d @- << EOF
{
"data": {
"attributes": {
"oidc_scopes": [
"openid",
"email"
],
"permission_scopes": [
"dashboards_read",
"metrics_read"
]
},
"type": "upsert_scopes_restriction"
}
}
EOF
