Ajax-loader-large-white
OAuth2
Checking the required scopes for an API method

Not all API methods require the same level of access. Methods that return only public information do not require any OAuth scopes at all. Others declare the access required via the "X-Accepted-OAuth-Scopes" response header.

Let's adapt our previous exercise to check the required scopes this time.

Instructions

Since last time we used the API root for our endpoint which requires no scopes, let's change that to hit the authenticated user profile endpoint: "https://api.github.com/user".

?
Stuck? Get a hint! Hint
Get live, fast support from Codecademy Advisors when you get stuck. Learn more.

Change the URL in your .get call and change the last line to print response.headers["X-Accepted-OAuth-Scopes"] instead.

script.rb