Scoped access

Now that we've seen how to create and use access tokens, let's look at how to restrictive the access on a token using scopes.

For sites that support them, OAuth2 scopes are a great way to specify what API features an access token can use.

The GitHub API currently supports nearly a dozen scopes.

The scopes containing : are sub-scopes. So in this case if you set up user scope on your token, it implies you have user:email and user:follow as well.


Got it? Click Save & Submit Code to continue.