I’m trying to audit our OAuth clients programmatically to ensure none of them have excessive scope assignments. I’ve been using the Embeddable Client App SDK to handle authentication and API calls in a custom admin tool. The idea is simple: fetch the list of all OAuth clients, then iterate through them to check their associated scopes.
Here’s the code snippet I’ve been using:
val oauthClient = client.auth.oauthClient
val clients = oauthClient.getOauthClients()
for (client in clients) {
println("Client: ${client.name}, Scopes: ${client.scopes}")
}
The issue is that client.scopes is always an empty list. I’ve verified that these clients do have scopes assigned in the Genesys Cloud admin UI. I’ve also tried using the REST API directly with the following endpoint:
GET /api/v2/oauth/clients
The response looks like this:
{
"entities": [
{
"id": "abc123",
"name": "MyApp",
"scopes": []
}
]
}
I’ve checked the documentation, and it seems like the scopes should be included in the response. I’ve also tried using the GET /api/v2/oauth/clients/{clientId} endpoint to get details for a specific client, but the scopes are still missing.
I’ve verified that the access token I’m using has the admin:oauthclient:read scope, so that shouldn’t be the issue. I’ve also tried using different access tokens, but the result is the same.
I’m wondering if there’s a specific way to fetch the scopes for an OAuth client, or if this is a known limitation of the API. Any help would be appreciated.