When a third-party application requests scopes, users see a consent prompt. By default, this prompt uses the scope name to generate text and groups all scopes for a resource, displaying the resource’s actions in a single line. If you require a specialized consent prompt, for example, parental consent, you need to build your own custom consent form. Be aware that laws vary according to country. For example, let’s say you have an Auth0-registered API with the following defined scopes:
  • read:messages: Be able to read your email messages
  • write:messages: Write messages
The consent prompt will display Messages: read and write your messages. Instead, you can use your defined scope description to generate this text. In this case, the consent dialog would display: Be able to read your email messages, Write messages. This change is made at the tenant level, so it will affect consent prompts for all APIs on the tenant.

Use scope descriptions to generate consent prompt text

Set your tenant’s use_scope_descriptions_for_consent flag to true by making the following API call: 
curl --request PATCH \
  --url 'https://{yourDomain}/api/v2/tenants/settings' \
  --header 'authorization: Bearer API_ACCESS_TOKEN' \
  --header 'cache-control: no-cache' \
  --header 'content-type: application/json' \
  --data '{ "flags": { "use_scope_descriptions_for_consent": true } }'

Use scope names to generate consent prompt text

Set your tenant’s use_scope_descriptions_for_consent flag to false by making the following API call: 
curl --request PATCH \
  --url 'https://{yourDomain}/api/v2/tenants/settings' \
  --header 'authorization: Bearer API_ACCESS_TOKEN' \
  --header 'cache-control: no-cache' \
  --header 'content-type: application/json' \
  --data '{ "flags": { "use_scope_descriptions_for_consent": false } }'

Learn more