Merge pull request #5899 from AfraHussaindeen/master_jwt-scope-array-doc

AfraHussaindeen · web-flow · commit 38ae85cf8f97 · 2026-02-17T21:01:01.000+05:30
Replace 'Tenant' with 'Organization'
diff --git a/en/includes/guides/fragments/manage-app/oidc-settings/access-token.md b/en/includes/guides/fragments/manage-app/oidc-settings/access-token.md
@@ -26,16 +26,17 @@
     }
     ```
 
+    {% if product_name == "Asgardeo" or (product_name == "WSO2 Identity Server" and is_version > "7.2.0") %}
     !!! note
         By default, the `scope` claim in JWT access tokens uses a space-separated string format (e.g., `"scope": "openid profile email"`). This format complies with the **JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens ([RFC 9068](https://www.rfc-editor.org/rfc/rfc9068.html))**.
 
         You can change this to a JSON array format (e.g., `"scope": ["openid", "profile", "email"]`), but this is **not recommended** as it deviates from the standard specification.
 
         If you still require this configuration, it can be applied at two levels:
 
-        - **Application level**: Set the `enableJwtScopeAsArray` property in the application's `accessToken` configuration via the [Application Management API]({{base_path}}/apis/{% if product_name == "Asgardeo" %}application-management{% else %}application-rest-api{% endif %}/). This overrides the tenant-level setting for the specific application.
+        - **Application level**: Set the `enableJwtScopeAsArray` property in the application's `accessToken` configuration via the [Application Management API]({{base_path}}/apis/{% if product_name == "Asgardeo" %}application-management{% else %}application-rest-api{% endif %}/). This overrides the organization-level setting for the specific application.
         {% if product_name == "WSO2 Identity Server" %}
-        - **Tenant level**: Use the [Server Configuration API]({{base_path}}/apis/configs-rest-api/#tag/Inbound-Authentication-Configurations/operation/updateOAuth2InboundAuthConfig) to set the `enableJwtScopeAsArray` property. This applies to all applications in the tenant unless overridden at the application level.
+        - **Organization level**: Use the [Server Configuration API]({{base_path}}/apis/configs-rest-api/#tag/Inbound-Authentication-Configurations/operation/updateOAuth2InboundAuthConfig) to set the `enableJwtScopeAsArray` property. This applies to all applications in the organization unless overridden at the application level.
         {% endif %}
         {% if product_name == "Asgardeo" %}
         - **Organization level**: Set the `enableJwtScopeAsArray` property via the following API. This applies to all applications in the organization unless overridden at the application level.
@@ -51,6 +52,7 @@
             }'
             ```
         {% endif %}
+    {% endif %}
 
 {% if product_name == "Asgardeo" or (product_name == "WSO2 Identity Server" and is_version != "7.0.0") %}
 #### Access Token Attributes
