Manage OIDC Claims and Scopes

Use the OIDC Settings page to define the claims and scopes that are available when you add an OIDC relying party. Changes that you make to a claim are applied to all OIDC connections that use that claim.

When you configure an OIDC-based protected resource, you control which claims are sent to the application. Each claim includes customizable display text that appears in user consent forms, helping users understand what information is being shared from the identity provider (IdP) to the application.

A global scope and claim mapping configuration allows you to:

  • Map identity source attributes to OIDC claims

  • Optionally group claims into scopes by entering the name of an existing or new scope in the Scopes field

  • Reuse configured claims and scopes across multiple OIDC applications

This centralized configuration helps you maintain consistent, transparent, and secure data sharing between RSA ID Plus and connected applications.

Procedure 

To add claims and scopes:

  1. In the Cloud Administration Console, click Access > OIDC Settings.

  2. On the Claims tab, provide the details as described in the following table.

    Field: Description

    Claim Name: Name of the claim.

    Select source: Select the source.

    • Identity Source sends a user attribute from the identity source.

    • Constant sends a static string, for example, the name of the application.

    Value/select property: Select a property if the Source is Identity Source, or specify a value if the Source is Constant.

    Scopes: Type the name of an existing scope or a new scope. If you add a new scope, it will appear on the Scopes tab.

    Consent Description: Provide a user-friendly description of the claim, to be shown when getting the user's permission in a consent form.

  3. Click the plus icon to save the claim and add another claim.

  4. On the Scopes tab, enter the new scope.

    Note: The Scopes tab displays the scopes added from both the Claims and Scopes tables. Click the expand icon to view the associated claim details.

  5. To save the scope and add another scope, click the plus icon.

  6. Click Save Settings.

  7. (Optional) To publish this configuration and immediately activate it, click Publish Changes.
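
The following added example is not RSA code. It is a small Python model of the claim table above that can be used to review, before publishing, which identity attributes each scope would share and which consent text a user would see. The claim names, attribute names, scope names and sample user are constructed, and two behaviors are assumptions of the model: a claim is released only when one of its scopes is requested, and a claim is omitted when the user has no value for the mapped attribute.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Claim:
    name: str       # Claim Name
    source: str     # "identity_source" or "constant"
    value: str      # attribute name, or the literal string for a constant
    scopes: tuple   # scopes the claim is grouped into (may be empty)
    consent: str    # Consent Description

# Constructed sample configuration; none of these values come from RSA ID Plus.
CLAIMS = [
    Claim("email", "identity_source", "mail", ("email",), "Your email address"),
    Claim("given_name", "identity_source", "givenName", ("profile",), "Your first name"),
    Claim("department", "identity_source", "department", ("profile", "hr"), "Your department"),
    Claim("app_name", "constant", "payroll-portal", ("hr",), "Name of the application"),
    Claim("employee_id", "identity_source", "employeeNumber", (), "Your employee number"),
]

def scope_index(claims):
    """Scope name -> sorted claim names (what expanding a scope would list)."""
    index = {}
    for c in claims:
        for s in c.scopes:
            index.setdefault(s, []).append(c.name)
    return {s: sorted(names) for s, names in index.items()}

def resolve(claims, requested_scopes, user_attrs):
    """Return (claim values, consent lines) for the requested scopes."""
    wanted = set(requested_scopes)
    values, consent = {}, []
    for c in claims:
        if not wanted & set(c.scopes):
            continue                      # assumption: released only via a scope
        if c.source == "constant":
            values[c.name] = c.value
        elif c.value in user_attrs:
            values[c.name] = user_attrs[c.value]
        else:
            continue                      # assumption: missing attribute is omitted
        consent.append(c.consent)
    return values, consent

def ungrouped(claims):
    """Claims that belong to no scope, listed for manual review."""
    return [c.name for c in claims if not c.scopes]

if __name__ == "__main__":
    user = {"mail": "ana@example.com", "givenName": "Ana", "department": "Finance"}
    print(scope_index(CLAIMS), resolve(CLAIMS, ["hr"], user), ungrouped(CLAIMS))
```

Because a claim change applies to every OIDC connection that uses it, running `scope_index` over the planned configuration shows every scope through which an edited claim would be shared.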