keycloak-scim/server_admin/topics/clients/proc-evaluating-client-scopes.adoc

[id="proc_evaluating_client_scopes_{context}"]

[role="_abstract"]
The *Mappers* tab contains the protocol mappers and the *Scope* tab contains the role scope mappings declared for this client. They do not contain the mappers and scope mappings inherited from client scopes. It is possible to see the effective protocol mappers (that is the protocol mappers defined on the client itself as well as inherited from the linked client scopes) and the effective role scope mappings used when generating a token for a client.

.Procedure
. Click the *Client Scopes* tab for the client.
. Open the sub-tab *Evaluate*. 
. Select the optional client scopes that you want to apply. 

This will also show you the value of the *scope* parameter. This parameter needs to be sent from the application to the {project_name} OpenID Connect authorization endpoint.

.Evaluating Client Scopes
image:{project_images}/client-scopes-evaluate.png[]

[NOTE]
====
To send a custom value for a *scope* parameter from your application, see the link:{adapterguide_link}#_params_forwarding[parameters forwarding section], for servlet adapters or the link:{adapterguide_link}#_javascript_adapter[javascript adapter section], for javascript adapters.
====

An example of a generated access token, specific to the user, client and *scope* parameter, is automatically generated under the *Generated Access Token* tab.
Keycloak 16054 (#35) * KEYCLOAK-16054 main changes * renaming * fixes renaming errors 2020-10-29 18:01:37 +00:00			`[id="proc_evaluating_client_scopes_{context}"]`

			`[role="_abstract"]`
applying bold to clients chapter 2020-11-11 16:00:15 +00:00			`The Mappers tab contains the protocol mappers and the Scope tab contains the role scope mappings declared for this client. They do not contain the mappers and scope mappings inherited from client scopes. It is possible to see the effective protocol mappers (that is the protocol mappers defined on the client itself as well as inherited from the linked client scopes) and the effective role scope mappings used when generating a token for a client.`
Keycloak 16054 (#35) * KEYCLOAK-16054 main changes * renaming * fixes renaming errors 2020-10-29 18:01:37 +00:00
			`.Procedure`
applying bold to clients chapter 2020-11-11 16:00:15 +00:00			`. Click the Client Scopes tab for the client.`
			`. Open the sub-tab Evaluate.`
Keycloak 16054 (#35) * KEYCLOAK-16054 main changes * renaming * fixes renaming errors 2020-10-29 18:01:37 +00:00			`. Select the optional client scopes that you want to apply.`

applying bold to clients chapter 2020-11-11 16:00:15 +00:00			`This will also show you the value of the scope parameter. This parameter needs to be sent from the application to the {project_name} OpenID Connect authorization endpoint.`
Keycloak 16054 (#35) * KEYCLOAK-16054 main changes * renaming * fixes renaming errors 2020-10-29 18:01:37 +00:00
			`.Evaluating Client Scopes`
			`image:{project_images}/client-scopes-evaluate.png[]`

			`[NOTE]`
			`====`
applying bold to clients chapter 2020-11-11 16:00:15 +00:00			`To send a custom value for a scope parameter from your application, see the link:{adapterguide_link}#_params_forwarding[parameters forwarding section], for servlet adapters or the link:{adapterguide_link}#_javascript_adapter[javascript adapter section], for javascript adapters.`
Keycloak 16054 (#35) * KEYCLOAK-16054 main changes * renaming * fixes renaming errors 2020-10-29 18:01:37 +00:00			`====`

applying bold to clients chapter 2020-11-11 16:00:15 +00:00			`An example of a generated access token, specific to the user, client and scope parameter, is automatically generated under the Generated Access Token tab.`