Identity
Admins
Federated authentication
Making sure your users only use federated single sign-on to authenticate
Federating Advanced Single Sign-On to Azure Active Directory
How to add or replace an x509 certificate for Azure Active Directory federations
Configuring multi-factor authentication (MFA)
Identity and MFA FAQs for admins
Password policy
Resetting passwords
User roles and permissions
Creating and managing users
Onboarding new users with welcome emails
Adding custom content to welcome emails
Creating and managing custom scopes
Add Login URLs to your Organisation
MFA - mandatory for Admins
Unlock user account
Setting up a SAML Client
An Introduction to Multi-Factor Authentication & Single Sign-On
Identity and MFA FAQs
OneAdvanced Single Sign-on login process when using an authenticator app
OneAdvanced Single Sign-on login process when using email for authentication
OneAdvanced Single Sign-on login process for federated accounts
OneAdvanced Identity login using username
User Journey for EasyPass (Passkeys)
Security questions
How to help keep your OneAdvanced account safe and secure
Integrations
OneAdvanced AI
Getting started
Introducing OneAdvanced AI
How does OneAdvanced AI work?
Benefits of using OneAdvanced AI
Limitations of using OneAdvanced AI
Definition of terms
Prompts
Getting started with prompts in OneAdvanced AI
Prompt engineering
Avoiding Common Pitfalls and Errors
Using prompts in OneAdvanced AI
Using OneAdvanced AI to summarise a document
Using OneAdvanced AI to simplify information
Using OneAdvanced AI to compare documents
Using OneAdvanced AI to create visuals using data
Private Spaces
Administration
FAQs
Platform
Helpful how-to guides
How To - Add a Spreadsheet or Chart to your Desk
How To - Add Youtube Videos to a Desk
How To - Add a Spotify Playlist to a Desk
How To - Add Microsoft Stream Videos to a Desk
How to stop unwanted time-outs
Admin
Desks
Applets
Applets Overview
Advanced Financials Applets
Setting up Advanced Financials Applets
Advanced HR Applets
Clear Review Applets
Contract Management Applets
Countdown Applet
Desk Notes Applet
iFrame Applet
My Link/Links Applet
RSS Feed Applet
Ideas Applets
Tasks
Data Platform
- All topics
- Identity
- Admins
- Creating and managing custom scopes
Creating and managing custom scopes
Customer Admins can now create custom scopes and assign them to API clients. Scopes help define what level of access an application (API client) has when requesting tokens. By using custom scopes, you can tailor access to match your organisation’s needs.
What is a Scope?
A scope is a permission or access boundary that defines what an API client can do. For example, one scope might allow reading data, while another allows writing data.
Custom scopes let you create your own keys, specific to your organisation’s requirements.
Creating a custom scope
- Log in as a Customer Admin.
- Go to the Apps > Integration > API Client
- On API Client screen, you may find a tab called 'Scope'
To Create a new scope, click on 'Add Scope' button
- Name: A unique identifier for the scope (e.g. reporting.read or users.manage).
- Description: A short explanation of what this scope allows (e.g., Grants read-only access to reports).
- Click Add.
Your scope is now created and available for assignment
Assigning a custom scope to an API client
- Navigate to the API Clients section.
- Select the API client you want to configure
- Under Actions columns, select 'Assign scope'
- Select scope to assign to API client and click Save
Removing an assigned scope
If you need to remove a scope already assigned to an API client:
- Navigate to the Assign Scope screen for that client.
- Click the cross (✖) icon provided beside the scope.
- Click on save.
The scope will be unassigned and no longer available to that API client.
The Edit and Delete options for scopes are currently visible in the UI but not yet functional.
Clicking them will not make any changes. Full support for editing and deleting scopes will be released in an upcoming update.
