# Custom Claims Format

### Creating the Custom Scope Claim for DecisionRules Solver API

To correctly set up the **OAuth M2M flow**, the Access Token must contain a custom scope claim that specifically identifies the organization, space, and target API (Solver) the client is authorized to access.

This claim ensures the token is restricted and valid only for the intended resources within your DecisionRules instance.

{% hint style="success" %}
First OAuth setup is done with the deployment with **DecisionRules Engineers.**&#x20;
{% endhint %}

#### Custom Scope Format

The required format for the custom scope claim is a colon-separated string that must start with `decisionrules`.

**The structure is as follows:**

$$\text{decisionrules}:\text{orgid}:\langle\text{Organization ID}\rangle:\text{spaceid}:\langle\text{Space ID}\rangle:\langle\text{scope}\rangle$$

**example:**

`decisionrules:orgid:12b057b4-865b-4545-81c4-8899d1da3537:spaceid:8ba6bac9-08a8-e648-8a2c-0b3992a9b4d6:solver`

| **Component**       | **Description**                                                | **Example Value**                                                          |
| ------------------- | -------------------------------------------------------------- | -------------------------------------------------------------------------- |
| `decisionrules`     | Mandatory prefix indicating the target service.                | `decisionrules`                                                            |
| `orgid`             | Fixed identifier for the Organization ID key.                  | `orgid`                                                                    |
| `<Organization ID>` | The unique identifier of your DecisionRules Organization.      | `12b057b4-865b-4545-81c4-8899d1da3537`                                     |
| `spaceid`           | Fixed identifier for the Space ID key.                         | `spaceid`                                                                  |
| `<Space ID>`        | The unique identifier of the Space within the Organization.    | `8ba6bac9-08a8-e648-8a2c-0b3992a9b4d6`                                     |
| `scope`             | The specific API resource scope you are authorizing access to. | <p>Currently only supported scope is <code>solver</code> </p><p>      </p> |
|                     |                                                                |                                                                            |


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.decisionrules.io/doc/api/api-keys/enterprise-oauth-m2m/custom-claims-format.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.