Date: 26.06.2017

OAuth scopes

OAuth scopes let you specify exactly how your app needs to access a Portal user's account. As an app developer, you specify your desired scopes in the initial OAuth authorization request. When a user is responding to your OAuth request, the requested scopes will be displayed to them when they are asked to approve your request.

Portal's system of OAuth permission scopes governs usage of Portal apps and their use of the Web Api .


Types of Scopes

Portal uses scopes that refer to the object they grant access to, followed by the class of actions on that object they allow (e.g. file:write).

The list of objects includes files, search, chat along with many other objects in Portal. There are currently only two classes of action:

  • read: Reading the full information about a single resource.
  • write: Modifying the resource in any way e.g. creating, editing, or deleting.

For example, to request access to the user's profile information, your app would request users.profile:read.