> ## Documentation Index
> Fetch the complete documentation index at: https://auth0.com/llms.txt
> Use this file to discover all available pages before exploring further.

> Learn how to update your Auth0 integrations to manage connections with options-specific scopes.

# Migrate to Management API Connection Options Scopes

​Auth0 is introducing two new Management API [scopes](/docs/get-started/apis/scopes) for connection options: `read:connections_options` and `update:connections_options`.

We are additionally deprecating the ability to access or update the `options` field without the appropriate scopes, resulting in the following breaking changes:

* Responses from the [Get All Connections](/docs/api/management/v2/connections/get-connections) and [Get Connection by Id](/docs/api/management/v2/connections/get-connections-by-id) endpoints do not include the `options` field unless the caller has the `read:connections_options` scope.
* Requests to the [Update a Connection](/docs/api/management/v2/connections/patch-connections-by-id) endpoint fail if the request body contains the options field and the caller does not have the `update:connections_options` scope. Successful responses do not include the `options` field unless the caller has the `read:connections_options` scope.

To continue using the `options` field, you must update your application grants to include the new scopes. Follow the steps below to identify whether your tenant and integrations are affected, migrate to the options-specific scopes, and finally opt out of the deprecated behavior.

## Identify affected tenants

Use Auth0 Dashboard to confirm if a tenant is allowed to access connection options without the new scopes and requires migration.

1. Navigate to [Auth0 Dashboard > Tenant Settings > Advanced](https://manage.auth0.com/dashboard/#/tenant/advanced).
2. Scroll down to the **Migrations** section.
3. Look for the **Allow Connections Management** without Options Scopes toggle:
   A. If the toggle is **on**, your tenant can still access connection options without the new scopes, and you must migrate before the deadline.
   B. If the toggle is absent or **off**, no further action is required.

## Identify affected integrations

Review the `depnote` tenant logs to determine which applications and integrations use the impacted endpoints. The following sample query demonstrates how you can query for the deprecation notice tenant logs specific to this deprecation:

```
type:depnote AND description:Allow\ Connections\ Management\ without\ Options\ Scopes*
```

To learn more, read [Log Search Query Syntax](docs/deploy-monitor/logs/log-search-query-syntax).

Once you have the query results, inspect the `client_id` field to identify each application that may be potentially affected. Due to the nature of the changes, the existence of a deprecation notice for a specific client application does not necessarily mean that the application is impacted.

​If the `client_id` field has an empty value, this means that the request to the impacted endpoint originated from an extension. Several Auth0 extensions can cause deprecation notice tenant logs that are false positives. Once you complete the extension-specific steps listed in the Update extensions section, you can ignore deprecation notices with an empty client identifier.

## Update application grants

For applications retrieving or updating the `options` field using the impacted endpoints, update their Management API grants to include the necessary scopes.

1. Navigate to [Auth0 Dashboard > Applications > APIs](https://manage.auth0.com/dashboard/#/apis).
2. Select the **Auth0 Management API**, then the **Machine to Machine Applications** tab.
3. Next to the application requiring an update, select the down-arrow icon to expand the section.
4. In the Permissions section, search for `“connections_options”`. Enable one or both of the new scopes. Then, choose **Update** to save your changes.
   <Frame>
     <img src="https://mintlify.s3.us-west-1.amazonaws.com/auth0/docs/images/cdy7uua7fh8z/update-connections-permissions.png" alt="Update Management API permissions" />
   </Frame>

## Update extensions

Update to the latest version of the [Delegated Administration Dashboard](/docs/customize/extensions/delegated-administration-extension/install-delegated-admin-extension) extension. This update is necessary because the extension requires access to the connection options field to function properly. If you use this extension, ensure it is updated to maintain its functionality.

## Opt-Out (Finalize Migration)

Once your integrations no longer depend on the deprecated behavior, we recommend configuring your tenant to explicitly opt out of allowing connections management without options scopes. This lets you choose exactly when your tenant adopts the new behavior, providing more control over your migration process.

1. Navigate to [Auth0 Dashboard > Tenant Settings > Advanced](https://manage.auth0.com/dashboard/#/tenant/advanced).
2. Under the Migrations section, toggle off the **Allow Connections Management without Options Scopes** option.

If you face any issues, you can revert the same toggle to temporarily restore the previous behavior while you address the problem.