OAuth Scopes
ELI5 — The Vibe Check
OAuth Scopes define what an app is allowed to do with your account. 'Read your email' is a scope. 'Send email on your behalf' is another. When an app asks for permission, those checkboxes ARE scopes. It's like giving someone a key that only opens specific rooms.
Real Talk
OAuth scopes are strings that define the permissions granted to an access token. The client requests scopes during authorization, the user consents, and the authorization server issues a token carrying only the approved scopes. Resource servers check the token's scopes before authorizing an operation, which enforces the principle of least privilege for delegated access.
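The flow above in code, as an added example that is not from the original page: the authorization server grants only the intersection of what the client requested, what the user approved and what the client's registration permits, and the resource server refuses a token that lacks a required scope with the insufficient_scope error defined in RFC 6750. Scope names such as mail:read, the token claim layout and the function names are assumptions.

```python
"""Scope approval and enforcement (added example, not from the page).

Assumptions: the access token has already been validated (signature, expiry)
and decoded into a dict, and the granted scopes live in a space-separated
"scope" claim. Scope names like "mail:read" are constructed for illustration.
"""
from __future__ import annotations
from dataclasses import dataclass


@dataclass
class Decision:
    allowed: bool
    status: int
    www_authenticate: str = ""


def granted_scopes(token_claims: dict) -> frozenset[str]:
    # RFC 6749 section 3.3: scope is a space-delimited, case-sensitive string.
    raw = token_claims.get("scope", "")
    return frozenset(s for s in raw.split(" ") if s)


def approve_scopes(requested: set[str], user_approved: set[str],
                   client_allowed: set[str]) -> set[str]:
    """Authorization server side: the token gets only scopes the client asked
    for, the user ticked on the consent screen, AND the client registration
    permits. Nothing is silently upgraded."""
    return requested & user_approved & client_allowed


def authorize(token_claims: dict, required: set[str]) -> Decision:
    """Resource server side: every scope the endpoint needs must be present."""
    missing = set(required) - granted_scopes(token_claims)
    if not missing:
        return Decision(True, 200)
    # RFC 6750 section 3.1: 403 with insufficient_scope and the scope needed.
    header = 'Bearer error="insufficient_scope", scope="%s"' % " ".join(sorted(required))
    return Decision(False, 403, header)


if __name__ == "__main__":
    # Constructed walk-through: client asks for two scopes, user approves one.
    issued = approve_scopes({"mail:read", "mail:send"}, {"mail:read"},
                            {"mail:read", "mail:send"})
    token = {"sub": "user-123", "scope": " ".join(sorted(issued))}
    print("GET /messages ->", authorize(token, {"mail:read"}))
    print("POST /send    ->", authorize(token, {"mail:send"}))
```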
When You'll Hear This
"The GitHub OAuth app only requests 'repo:read' scope — it can't modify your code." / "Always request the minimum scopes your app needs — users trust apps that ask for less."
Related Terms
Access Token
An Access Token is your short-lived pass to access an API. It proves you're authenticated and what you're allowed to do.
OAuth (Open Authorization)
OAuth is the system behind 'Login with Google.' Instead of making a new account, you let Google vouch for you.
PKCE
PKCE (pronounced 'pixy') prevents someone who intercepts your OAuth authorization code from exchanging it for a token.
Principle of Least Privilege
Principle of Least Privilege means everyone and everything gets only the MINIMUM access needed to do their job. The intern doesn't get admin access.