ReferenceScopes
admin
Example custom scope, admin operations.
OAuth2 scope: admin
Source: Per-app
Description
Example custom scope, admin operations.
Requesting this scope
In the authorization URL:
GET /oauth2/auth?
&scope=admin
...Multiple scopes are space-separated.
Granting access
A client only receives this scope if it's on the client's allowed scope list. Configure in Athena → OAuth2 Clients → your client → Allowed Scopes.
Checking in your backend
The access token's scope claim contains the granted scopes:
const granted = info.scope?.split(" ") ?? [];
if (!granted.includes("admin")) return 403;