Whats scopes to be provided to OAUTH client to enable it to update user profiles in AM? Basically AM is the resource server as well as Authorization server, and my client application should have the delegated admin privileges to update user profile attributes like email and also able to update passwords.
Once the client configured, what endpoint to call update profile using the access token granted by AM
OAuth2 is a federation protocol commonly used to grant 3rd-party applications access to RO’s information by exchanging security tokens. And as such, it facilitates sharing of user information and not updating. That said, you can use AM’s rest API to update user data. You will need a valid user session before you can invoke the API. Please see below for info on AM’s REST API: