An OAuth 2.0 Scope is a mechanism that defines the specific permissions and level of access a client application is requesting from a resource owner. It is a space-delimited, case-sensitive string of values in an authorization request that limits the issued token's capabilities, enforcing the Least Privilege Principle by ensuring an application cannot perform actions beyond what was explicitly consented to by the user.
Glossary
OAuth 2.0 Scopes

What is OAuth 2.0 Scopes?
A mechanism within the OAuth 2.0 authorization framework that defines the specific permissions and level of access a client application is requesting from a resource owner.
During the authorization flow, the client specifies desired scopes, and the authorization server presents them to the user for consent. The resulting access_token is intrinsically bound to these granted scopes. When the client presents the token to a resource server, the server validates the token and its associated scopes against the requested action, acting as a Policy Enforcement Point (PEP) to prevent unauthorized operations.
Key Characteristics of OAuth 2.0 Scopes
OAuth 2.0 scopes are the fundamental mechanism for implementing the principle of least privilege in delegated authorization. They define the exact boundaries of access a client application requests, enabling users to grant fine-grained permissions without exposing their primary credentials.
Permission Decomposition
Scopes decompose monolithic access into discrete, string-based permissions. Each scope represents a specific action on a protected resource.
- Format: Case-sensitive strings, often structured as
resource:action(e.g.,drive:read,profile:email) - Atomicity: A single scope should grant one specific capability, not a bundle
- Composability: Clients request multiple scopes in a single authorization request using space-delimited lists
Example: A photo printing service might request photos:read and storage:write—allowing it to download images and save prints, but not delete originals.
Dynamic vs. Static Scopes
OAuth 2.0 supports both statically defined and dynamically generated scopes, offering flexibility for complex authorization models.
- Static Scopes: Pre-registered with the authorization server. Predictable and auditable (e.g.,
openid,profile) - Dynamic Scopes: Registered at runtime by the resource server, often parameterized. Useful for fine-grained, resource-specific permissions
- Pattern:
resource:operation:resource-id(e.g.,document:edit:doc-123)
Dynamic scopes enable attribute-based access control (ABAC) patterns within the OAuth framework, allowing permissions to target specific objects.
Scope Validation and Enforcement
The authorization server is the Policy Decision Point (PDP) for scope issuance. It validates that the requested scopes are appropriate for the client and user.
- Client Registration: Scopes must be pre-approved for a client's identity
- User Consent: The resource owner must explicitly approve the requested scopes
- Token Introspection: Resource servers (PEPs) call the introspection endpoint to verify the token's scopes before serving data
Security Trimming: If a token lacks the admin:read scope, the resource server must filter out administrative fields from the response, enforcing field-level security.
Scope Design Best Practices
Well-designed scopes are critical for security and usability. Poor scope design leads to over-privileged clients and confused users.
- Least Privilege: Define the smallest possible unit of access. Avoid catch-all scopes like
/api/* - Clear Naming: Use intuitive, hierarchical namespaces (
read:publicvsread:private) - Consent Optimization: Minimize the number of scopes requested to reduce consent friction
- Incremental Authorization: Request additional scopes later in the user journey via a re-authorization prompt
Anti-pattern: A single admin scope that grants read, write, and delete privileges violates the principle of least privilege.
Scopes in Retrieval-Augmented Generation
In Answer Engine Architecture, OAuth scopes enforce document-level security during retrieval. The RAG pipeline uses the user's access token to perform pre-retrieval filtering.
- The query engine extracts scopes from the user's JWT
- A security trimming filter is applied to the vector database query, excluding chunks from unauthorized documents
- This prevents data leakage by ensuring the language model never sees restricted content
This mechanism is a core component of Retrieval-Augmented Generation Authorization, binding AI-generated answers to the user's real-time permissions.
Frequently Asked Questions
Clear, technical answers to the most common questions about how OAuth 2.0 scopes define and limit application permissions for secure API access.
An OAuth 2.0 scope is a mechanism that defines the specific permissions a client application is requesting from a resource owner. It works by limiting an access token's capabilities to a defined set of actions, enforcing the principle of least privilege. When a client initiates an authorization request, it includes a space-delimited, case-sensitive string of scope values in the scope parameter. The authorization server then presents these requested permissions to the user on a consent screen. After the user grants consent, the issued access token is intrinsically bound to those approved scopes. When the client presents this token to a resource server, the server validates the token and checks its associated scopes before allowing the requested operation. This prevents a token issued for reading a user's profile from being misused to delete their data, providing granular, delegated authorization without exposing the user's primary credentials.
Common OAuth 2.0 Scope Examples
Scopes define the specific actions a client can perform on behalf of a user. They are the mechanism for implementing the principle of least privilege in delegated authorization.
OpenID Connect Scopes
Standard scopes for identity and authentication, defined by the OpenID Connect specification.
- openid: Mandatory scope to initiate an authentication request. Returns an ID Token.
- profile: Requests access to the user's default profile claims (name, picture, locale).
- email: Requests access to the
emailandemail_verifiedclaims. - address: Requests access to the user's physical address claim.
- phone: Requests access to the
phone_numberandphone_number_verifiedclaims.
Google API Scopes
Google uses highly granular, URL-formatted scopes for its extensive API ecosystem.
- Read-only Calendar:
https://www.googleapis.com/auth/calendar.readonlyallows viewing events without modification rights. - Gmail Send:
https://www.googleapis.com/auth/gmail.sendgrants permission to send emails only, not read the inbox. - Drive File Access:
https://www.googleapis.com/auth/drive.filerestricts access to only files created or opened by the application, preventing broad data exposure.
GitHub OAuth Scopes
GitHub scopes control access to repositories, user data, and administrative functions.
- repo: Grants full control of private and public repositories, including code and settings.
- repo:status: Grants read/write access to commit statuses only, a minimal scope for CI/CD pipelines.
- read:org: Allows reading the user's organization memberships without exposing repository data.
- delete_repo: A highly privileged scope granting the ability to permanently delete repositories.
Microsoft Graph Scopes
Microsoft Graph uses a resource.operation.constraint format for fine-grained access to Microsoft 365 data.
- User.Read: Allows a user to sign in and read their own basic profile.
- Mail.ReadWrite: Grants the ability to read, create, and update a user's mail.
- Files.ReadWrite.All: Grants access to all files a user can access, a broad scope requiring admin consent.
- offline_access: Requests a refresh token, allowing the app to access data when the user is not present.
Slack Bot Token Scopes
Slack scopes define what a bot or app can do within a workspace, often separated by service.
- chat:write: Allows the bot to send messages as itself.
- channels:history: Grants access to view messages and other content in public channels.
- commands: Allows the app to register custom slash commands.
- users:read.email: Permits viewing the email addresses of users in the workspace, a sensitive scope.
Custom Enterprise Scopes
Organizations define custom scopes for internal microservices and APIs to enforce fine-grained authorization.
- documents:search: Allows a retrieval-augmented generation (RAG) system to query a vector database without read access to full documents.
- transactions:void: A specific scope for a payment service that allows canceling a transaction but not initiating a new one.
- reports:export.financial: A compound scope that grants access to a specific report type, limiting lateral movement.
OAuth 2.0 Scopes vs. Other Access Control Mechanisms
How OAuth 2.0 scopes compare to other common access control paradigms in terms of delegation model, granularity, and enforcement context.
| Feature | OAuth 2.0 Scopes | Role-Based Access Control (RBAC) | Attribute-Based Access Control (ABAC) |
|---|---|---|---|
Core Mechanism | Delegated permission strings requested by client, consented by resource owner | Static role assignments granting coarse permissions to users | Dynamic policy evaluation based on user, resource, and environment attributes |
Granularity | Fine-grained: scoped to specific API actions (e.g., read:email) | Coarse-grained: role bundles multiple permissions (e.g., 'admin') | Ultra-fine-grained: evaluates individual attributes per request |
Delegation Model | User-to-application delegation via consent screen | Administrator-to-user assignment; no third-party delegation | Policy-author-to-system; no user-facing delegation primitive |
Primary Use Case | Third-party API authorization and delegated access | Internal enterprise application access management | Dynamic, context-aware authorization in complex environments |
Policy Evaluation Point | Authorization Server at token issuance; Resource Server at API call | Application middleware or identity provider at login | Policy Decision Point (PDP) at runtime for every access request |
Revocation Complexity | Per-token or per-grant revocation; granular scope revocation via token exchange | Role removal affects all assigned permissions; broad impact | Attribute change cascades through all applicable policies instantly |
Cross-Organization Support | |||
Consent Requirement | Explicit user consent required per scope |
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Related Terms
Understanding OAuth 2.0 scopes requires familiarity with the broader authorization and access control landscape. These concepts define how permissions are structured, enforced, and audited.

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us