Next: Create a Custom Badge, Previous: Authorize an OAuth App, Up: Building OAuth Apps [Index]
Scopes let you specify exactly what type of access you need.
When setting up an OAuth App on GitHub, requested scopes are displayed to the user on the authorization form.
If your OAuth App doesn’t have access to a browser, such as a CLI tool, then you don’t need to specify a scope for users to authenticate to your app.
Check headers to see what OAuth scopes you have, and what the API action accepts:
$ curl -H "Authorization: token OAUTH-TOKEN" https://api.github.com/users/codertocat -I HTTP/1.1 200 OK X-OAuth-Scopes: repo, user X-Accepted-OAuth-Scopes: user
$ curl -H "Authorization: token $GITHUB_TOKEN" https://api.github.com/users/wlharvey4 -I > X-OAuth-Scopes: admin:gpg_key, admin:org, admin:org_hook, admin:public_key, admin:repo_hook, delete_repo, gist, notifications, repo, user, workflow, write:discussion
| • Available Scopes | ||
| • Request Scopes | ||
| • Requested scopes and granted scopes |