OAuth Scopes
Embed This Widget
Add the script tag and a data attribute to embed this widget.
Embed via iframe for maximum compatibility.
<iframe src="https://statuscodefyi.com/iframe/glossary/scopes/" width="420" height="400" frameborder="0" style="border:0;border-radius:10px;max-width:100%" loading="lazy"></iframe>Paste this URL in WordPress, Medium, or any oEmbed-compatible platform.
https://statuscodefyi.com/glossary/scopes/Add a dynamic SVG badge to your README or docs.
[](https://statuscodefyi.com/glossary/scopes/)Use the native HTML custom element.
A mechanism in OAuth 2.0 that limits what an access token is permitted to do by attaching a set of named permissions to it. Clients declare the scopes they require during the authorization request; the authorization server may grant all, some, or none of the requested scopes after the user consents. The issued token is then restricted to performing only actions covered by the granted scopes, enabling fine-grained access control without separate tokens per resource.