Scopes for OAuth Apps

Scopes let you specify exactly what type of access you need. Scopes limit access for OAuth tokens. They do not grant any additional permission beyond that which the user already has.

When setting up an OAuth App on TextMaster, requested scopes are displayed to the user on the authorization form.

Available Scopes

| Name | Description |
| --- | --- |
| public | Grants read-only access to public information (such as, but not limited to, available languages, options, pricing, expertises). This is the default scope if none is provided. |
| user:manage | Grants full access to user's profile info only (includes user:email). |
| user:read | Grants read-only access to user's profile info. |
| user:write | Grants read/write access to user's profile info. |
| user:email | Grants read-only access to user's private email address. |
| glossary:manage | Grants full access to glossaries (includes the ones shared from organization). |
| glossary:read | Grants read-only access to glossaries (includes the ones shared from organization). |
| glossary:write | Grants read/write access to glossaries (includes the ones shared from organization). |
| project:manage | Grants full access to projects, documents and templates (includes project:launch and project:quote). |
| project:read | Grants read-only access to projects, documents and templates. |
| project:write | Grants read/write access to projects, documents and templates. |
| project:launch | Grants access to launch projects and debit the client's account. |
| project:quote | Grants access to request project quotations. |
| discussion:manage | Grants full access to team discussions. |
| discussion:read | Grants read-only access to team discussions. |
| discussion:write | Grants read/write access to team discussions. |
| transaction:read | Grants read-only access to financial transactions. |
| preferred_author:manage | Grants full access to client's preferred authors. |
| preferred_author:read | Grants read-only access to client's preferred authors. |
| preferred_author:write | Grants read/write access to client's preferred authors. |

A resource:manage scope grants full access to the resource. Use it as a shortcut for requesting all permissions on a given resource instead of listing them individually. However, we advise that OAuth apps only request the permissions they absolutely need to operate under normal conditions.

Tip: Your OAuth App can request scopes in the initial redirection. To request multiple scopes, separate them with a space, encoded as %20 in the URL:

https://app.textmaster.com/oauth/authorize?
  client_id=...&
  scope=user:read%20user:email

Requested scopes and granted scopes

The scope attribute lists scopes attached to the token that were granted by the user. Normally, these scopes will be identical to what you requested. However, users can edit their scopes, effectively granting your application less access than you originally requested. Also, users can edit token scopes after the OAuth flow is completed. You should be aware of this possibility and adjust your application's behavior accordingly.

It is important to handle error cases when a user chooses to grant you less access than you originally requested. For example, applications can warn or otherwise communicate with their users that they will see reduced functionality or be unable to perform some actions.

Also, applications can always send users back through the flow again to request additional permissions, but don’t forget that users can always deny those.
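One way to handle a token that carries fewer scopes than requested is sketched below. This is an added example, not TextMaster's own code. It assumes the scope attribute is a space-separated string, that "full access" covers read and write, and that write covers read; the feature names and the sample response are constructed for illustration.

```python
# Added example (not TextMaster code): compare granted scopes with what the
# app needs and enable only the features the token actually covers.

# Resources that have read/write/manage scopes in the table on this page.
RESOURCES = ("user", "glossary", "project", "discussion", "preferred_author")
# Extra inclusions stated explicitly in the scope descriptions.
EXTRAS = {
    "user:manage": {"user:email"},
    "project:manage": {"project:launch", "project:quote"},
}

def expand(scopes):
    """Return the scopes plus everything they include.
    Assumption: manage covers read and write, and write covers read."""
    out = set(scopes)
    for scope in scopes:
        resource, _, level = scope.partition(":")
        if resource in RESOURCES:
            if level == "manage":
                out |= {f"{resource}:read", f"{resource}:write"}
            elif level == "write":
                out.add(f"{resource}:read")
        out |= EXTRAS.get(scope, set())
    return out

def granted_scopes(token_response):
    """Parse the scope attribute (assumed space-separated) and expand it."""
    return expand(set(token_response.get("scope", "").split()))

def missing_scopes(requested, token_response):
    """Scopes the app asked for that the token does not cover."""
    return sorted(set(requested) - granted_scopes(token_response))

# Hypothetical app features and the scopes each one needs.
FEATURES = {
    "show_profile": {"user:read"},
    "launch_project": {"project:read", "project:launch"},
    "export_invoices": {"transaction:read"},
}

def enabled_features(token_response):
    """Features whose required scopes are all covered by the token."""
    granted = granted_scopes(token_response)
    return sorted(name for name, need in FEATURES.items() if need <= granted)

# Constructed sample: the user removed project:launch before authorizing.
SAMPLE_RESPONSE = {"access_token": "constructed-token",
                   "scope": "user:manage project:write"}

if __name__ == "__main__":
    print("missing:", missing_scopes(["user:email", "project:launch"], SAMPLE_RESPONSE))
    print("enabled:", enabled_features(SAMPLE_RESPONSE))
```

Run the check each time a token is obtained or refreshed, since users can edit token scopes after the flow completes.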
