You can create a template to enable a group of clients to register dynamically with the Workspace ONE Access service to allow users access specific applications.
Procedure
- In the Workspace ONE Access console page, select Templates.
- Click ADD TEMPLATE and configure the following .
Label |
Description |
Template ID |
Enter a unique name that identifies this template. The name can be a combination of letters, numbers and the special characters _ . - @ . The template ID cannot have spaces in the name. |
Scope |
For the User Access Token, select one or more identity scopes that you want as part of the OAuth 2.0 authorization request. |
Redirect URI |
Enter the registered redirect URI. Enter as https://redirecturi.com. You can use a comma separated list to add more than one redirect URL. |
Token Type |
This attribute tells the application what type of access token it is given. For the Workspace ONE Access service, the tokens are bearer tokens. |
Issue Refresh Token |
To allow for the return of a refresh token, leave this option enabled. |
Refresh Token TTL |
Set Refresh Token time to live. New access tokens can be requested until the refresh token expires. |
Access Token time-to-live (TTL) |
Set the access token time-to-live length. The access token expires based on the TTL set in Access Token Time-To-Live. If Issue Refresh Token is enabled, when the access token expires, the application uses the refresh token to request a new access token. |
Idle Token Time-to-Live (TTL) |
Configure how long a refresh token can be idle before it cannot be used again. |
User Grant |
Prompt users for scope acceptance is enabled. Users are shown a message that lists the scopes that are being sent. |
- Click SAVE.