Oauth2 scopes adoption by ION API (Infor suites and Infor/non-Infor authorized apps)

With the 2020-06 release of Xi Platform CE, all API suites and authorized apps of the Xi Platform platform are scopes compatible. Configuration settings for OAuth2.0 scopes are visible, but this configuration applies to the API suites of Xi Platform and authorized apps using Xi Platform APIs. There is no impact on authorized apps belonging to other Infor cloud suites or customers.

The scopes feature is kept OFF by default to maintain backward compatibility. A tenant administrator must opt in to use scopes.

Note: For custom application/backend service apps, when the tenant enables scopes, all custom apps created by the tenant (and the ION backend service app) do not participate in scopes. Using scopes is due to precautions such as assigning scopes to service accounts in IFS or modifying the web-mobile application code. Tenants can enable scopes for these authorized apps at the app level after the necessary precautions are taken.