Login:
OpenIDConnect:
AcceptAccessToken: true
- AcceptAccessTokenScope: "arvados"
+ AcceptAccessTokenScope: "arvados"
{% endcodeblock %}
# If the provider-issued tokens are JWTs, and @Login.OpenIDConnect.AcceptAccessTokenScope@ is not empty, Arvados will check that the token contains the configured scope, and reject tokens that do not have the configured scope. This can be used to control which users or applications are permitted to access your Arvados instance.