Scopes for OAuth Apps
Scopes let you specify exactly what type of access you need. Scopes limit access for OAuth tokens. They do not grant any additional permission beyond that which the user already has.
When setting up an OAuth App on TextMaster, requested scopes are displayed to the user on the authorization form.
Available Scopes
| Name | Description |
|---|---|
| Grants read-only access to public information (such as, but not limited to, available languages, options, pricing, expertises). This is the default scope if none is provided. |
| Grants full access to user's profile info only (includes |
| Grants read-only access to user's profile info. |
| Grants read/write access to user's profile info. |
| Grants read-only access to user's private email address. |
| Grants full access to glossaries (includes the ones shared from organization). |
| Grants read-only access to glossaries (includes the ones shared from organization). |
| Grants read/write access to glossaries (includes the ones shared from organization). |
| Grants full access to projects, documents and templates (includes |
| Grants read-only access to projects, documents and templates. |
| Grants read/write access to projects, documents and templates. |
| Grants access to launch projects and debit the client's account. |
| Grants access to request project quotations. |
| Grants full access to team discussions. |
| Grants read-only access to team discussions. |
| Grants read/write access to team discussions. |
| Grants read-only access to financial transactions. |
| Grants full access to client's preferred authors. |
| Grants read-only access to client's preferred authors. |
| Grants read/write access to client's preferred authors. |
resource:manage scopes grants full access to the resource. You should use this scope as a shortcut for requesting all permissions on a given resource instead of listing them individually. However, we advise that OAuth apps only request the permissions they absolutely need to operate under normal conditions.
Tips: Your OAuth App can request the scopes in the initial redirection. You can specify multiple scopes by separating them with a space using %20:
Requested scopes and granted scopes
The scope attribute lists scopes attached to the token that were granted by the user. Normally, these scopes will be identical to what you requested. However, users can edit their scopes, effectively granting your application less access than you originally requested. Also, users can edit token scopes after the OAuth flow is completed. You should be aware of this possibility and adjust your application's behavior accordingly.
It is important to handle error cases when a user chooses to grant you less access than you originally requested. For example, applications can warn or otherwise communicate with their users that they will see reduced functionality or be unable to perform some actions.
Also, applications can always send users back through the flow again to request additional permissions, but don’t forget that users can always deny those.
Last updated