From 8d28e727e19cb6838a6105ad1852018cfb927068 Mon Sep 17 00:00:00 2001
From: Rajat Singh <17253992+rajatcing@users.noreply.github.com>
Date: Thu, 24 Apr 2025 08:38:40 +0200
Subject: [PATCH] docs: remove unused scopes/claims (#9786)

<!--
Please inform yourself about the contribution guidelines on submitting a
PR here:
https://github.com/zitadel/zitadel/blob/main/CONTRIBUTING.md#submit-a-pull-request-pr.
Take note of how PR/commit titles should be written and replace the
template texts in the sections below. Don't remove any of the sections.
It is important that the commit history clearly shows what is changed
and why.
Important: By submitting a contribution you agree to the terms from our
Licensing Policy as described here:
https://github.com/zitadel/zitadel/blob/main/LICENSING.md#community-contributions.
-->

# Which Problems Are Solved

Removed the scopes/claims that were not used.

# How the Problems Are Solved

Made small changes in readme that fixes it.

Signed-off-by: RAJAT SINGH <rajatsingh@RAJATs-MacBook-Pro.local>
Co-authored-by: RAJAT SINGH <rajatsingh@RAJATs-MacBook-Pro.local>
---
 docs/docs/apis/openidoauth/claims.md | 1 -
 docs/docs/apis/openidoauth/scopes.md | 1 -
 2 files changed, 2 deletions(-)

diff --git a/docs/docs/apis/openidoauth/claims.md b/docs/docs/apis/openidoauth/claims.md
index 4129806aef..b7424aaf1d 100644
--- a/docs/docs/apis/openidoauth/claims.md
+++ b/docs/docs/apis/openidoauth/claims.md
@@ -110,7 +110,6 @@ ZITADEL reserves some claims to assert certain data. Please check out the [reser
 | urn:zitadel:iam:org:domain:primary:\{domainname}  | `{"urn:zitadel:iam:org:domain:primary": "acme.ch"}`                                                      | This claim represents the primary domain of the organization the user belongs to.                                                                                                                                                        |
 | urn:zitadel:iam:org:project:roles                 | `{"urn:zitadel:iam:org:project:roles": [ {"user": {"id1": "acme.zitade.ch", "id2": "caos.ch"} } ] }`     | When roles are asserted, ZITADEL does this by providing the `id` and `primaryDomain` below the role. This gives you the option to check in which organization a user has the role on the current project (where your client belongs to). |
 | urn:zitadel:iam:org:project:\{projectid}:roles    | `{"urn:zitadel:iam:org:project:id3:roles": [ {"user": {"id1": "acme.zitade.ch", "id2": "caos.ch"} } ] }` | When roles are asserted, ZITADEL does this by providing the `id` and `primaryDomain` below the role. This gives you the option to check in which organization a user has the role on a specific project.                                 |
-| urn:zitadel:iam:roles:\{rolename}                 | TBA                                                                                                      | TBA                                                                                                                                                                                                                                      |
 | urn:zitadel:iam:user:metadata                     | `{"urn:zitadel:iam:user:metadata": [ {"key": "VmFsdWU=" } ] }`                                           | The metadata claim will include all metadata of a user. The values are base64 encoded.                                                                                                                                                   |
 | urn:zitadel:iam:user:resourceowner:id             | `{"urn:zitadel:iam:user:resourceowner:id": "orgid"}`                                                     | This claim represents the id of the resource owner organisation of the user.                                                                                                                                                             |
 | urn:zitadel:iam:user:resourceowner:name           | `{"urn:zitadel:iam:user:resourceowner:name": "ACME"}`                                                    | This claim represents the name of the resource owner organisation of the user.                                                                                                                                                           |
diff --git a/docs/docs/apis/openidoauth/scopes.md b/docs/docs/apis/openidoauth/scopes.md
index 263d888f31..86f9769cab 100644
--- a/docs/docs/apis/openidoauth/scopes.md
+++ b/docs/docs/apis/openidoauth/scopes.md
@@ -30,7 +30,6 @@ In addition to the standard compliant scopes we utilize the following scopes.
 | `urn:zitadel:iam:org:projects:roles`              | `urn:zitadel:iam:org:projects:roles`                   | By using this scope a client can request the claim `urn:zitadel:iam:org:project:{projectid}:roles` to be asserted for each requested project. All projects of the token audience, requested by the `urn:zitadel:iam:org:project:id:{projectid}:aud` scopes will be used.     |
 | `urn:zitadel:iam:org:id:{id}`                     | `urn:zitadel:iam:org:id:178204173316174381`            | When requesting this scope **ZITADEL** will enforce that the user is a member of the selected organization. If the organization does not exist a failure is displayed. It will assert the `urn:zitadel:iam:user:resourceowner` claims.                                       |
 | `urn:zitadel:iam:org:domain:primary:{domainname}` | `urn:zitadel:iam:org:domain:primary:acme.ch`           | When requesting this scope **ZITADEL** will enforce that the user is a member of the selected organization and the username is suffixed by the provided domain. If the organization does not exist a failure is displayed                                                    |
-| `urn:zitadel:iam:role:{rolename}`                 |                                                        |                                                                                                                                                                                                                                                                              |
 | `urn:zitadel:iam:org:roles:id:{orgID}`            | `urn:zitadel:iam:org:roles:id:178204173316174381`      | This scope can be used one or more times to limit the granted organization IDs in the returned roles. Unknown organization IDs are ignored. When this scope is not used, all granted organizations are returned inside the roles.[^1]                                        |
 | `urn:zitadel:iam:org:project:id:{projectid}:aud`  | `urn:zitadel:iam:org:project:id:69234237810729019:aud` | By adding this scope, the requested projectid will be added to the audience of the access token                                                                                                                                                                              |
 | `urn:zitadel:iam:org:project:id:zitadel:aud`      | `urn:zitadel:iam:org:project:id:zitadel:aud`           | By adding this scope, the ZITADEL project ID will be added to the audience of the access token                                                                                                                                                                               |