From IndieWeb
Jump to: navigation, search

In OAuth terminology, scope is a way to limit what parts of your account are accessible by third-party applications.

For example, you can choose to allow one application to read your basic profile info, while another application may be authorized to post on your behalf.

Scopes used by IndieWeb apps

quill scope selection.png
  • Quill requests the "create" and/or "update" scope when authorizing it to create posts on your domain.
  • OwnYourGram requests the "create" scope when authorizing it to create photo posts on your domain.
  • requests the scopes "post" or "create update delete undelete", for the user to choose
  • Indigenous requests the "create", "update" and "delete" scopes when logging in to the app.

Scopes accepted by IndieWeb sites

aaronpk auth form.png
  • Aaron Parecki requires the "create" scope in order for a client to create new posts, "update" for updates, and "delete" for deletes. "media" for file uploads.
  • Pelle Wessman, using his micropub-to-github endpoint, requires the "create" or "post" scope for a client to give access, treating "create" as the preferred one
  • Sebastiaan Andeweg uses scopes "create", "update", "delete", "media" (for photo upload) and "media-plus" (for uploads without limitations on file extension)

Scopes used by Silos


Github has defined many scopes for granting very granular permissions to applications. By default, applications can only read public profile info unless granted explicit scopes. Write access to any parts of a user account must be explicitly authorized with one or more scopes such as "user", "repo", or "gist". Deleting repos requires a specialized scope as well.

See the full list of Github OAuth scopes.


Scopes that conform to the OpenID Connect standard have full names that are short: profile, email and openid—they are not in the form of a URI. On the other hand, Google-specific scopes are in the form of a URI, such as

seeAlso: Authorization scopes

See Also