OAuth Scopes

Last updated 5 years ago

Was this helpful?

OAuth Scopes

The API is divided up into access scopes. The scopes are hierarchical, i.e. if you have access to read, you automatically have access to read:accounts. It is recommended that you request as little as possible for your application.

Multiple scopes can be requested at the same time: During app creation with the scopes param, and during the authorization phase with the scope query param (space-separate the scopes).

Mind the scope vs scopes difference. This is because scope is a standard OAuth parameter name, so it is used in the OAuth methods. Mastodon’s own REST API uses the more appropriate scopes.

If you do not specify a scope in your authorization request, or a scopes in your app creation request, the resulting access token / app will default to read access.

The set of scopes saved during app creation must include all the scopes that you will request in the authorization request, otherwise authorization will fail.

Version history

0.9.0 - read, write, follow 2.4.0 - push 2.4.3 - granular scopes 2.6.0 - read:reports deprecated (unused stub) 2.6.0 - write:conversations added 2.9.1 - Admin scopes added 3.1.0 - Bookmark scopes added

List of scopes

`read`

Grants access to read data. Requesting read will also grant child scopes shown in the left column of the table below.

`write`

Grants access to write data. Requesting write will also grant child scopes shown in the right column of the table below.

`follow`

Grants access to manage relationships. Requesting follow will also grant the following child scopes, shown in bold in the table:

read:blocks, write:blocks
read:follows, write:follows
read:mutes, write:mutes

`push`

Admin scopes

Used for moderation API. Added in Mastodon 2.9.1. The following granular scopes are available (note that there is no singular admin scope):

admin:read
- admin:read:accounts
- admin:read:reports
admin:write
- admin:write:accounts
- admin:write:reports

Granular scopes

read

write

read:accounts

write:accounts

read:blocks

write:blocks

read:bookmarks

write:bookmarks

write:conversations

read:favourites

write:favourites

read:filters

write:filters

read:follows

write:follows

read:lists

write:lists

write:media

read:mutes

write:mutes

read:notifications

write:notifications

write:reports

read:search

read:statuses

write:statuses

admin:read

admin:write

admin:read:accounts

admin:write:accounts

admin:read:reports

admin:write:reports

PreviousOAuth Nextapps

Last updated 5 years ago

Was this helpful?

OAuth Scopes

Multiple scopes can be requested at the same time: During app creation with the scopes param, and during the authorization phase with the scope query param (space-separate the scopes).

Mind the scope vs scopes difference. This is because scope is a standard OAuth parameter name, so it is used in the OAuth methods. Mastodon’s own REST API uses the more appropriate scopes.

If you do not specify a scope in your authorization request, or a scopes in your app creation request, the resulting access token / app will default to read access.

The set of scopes saved during app creation must include all the scopes that you will request in the authorization request, otherwise authorization will fail.

Version history

List of scopes

`read`

Grants access to read data. Requesting read will also grant child scopes shown in the left column of the table below.

`write`

Grants access to write data. Requesting write will also grant child scopes shown in the right column of the table below.

`follow`

Grants access to manage relationships. Requesting follow will also grant the following child scopes, shown in bold in the table:

read:blocks, write:blocks
read:follows, write:follows
read:mutes, write:mutes

`push`

Grants access to Added in Mastodon 2.4.0.

Admin scopes

Used for moderation API. Added in Mastodon 2.9.1. The following granular scopes are available (note that there is no singular admin scope):

admin:read
- admin:read:accounts
- admin:read:reports
admin:write
- admin:write:accounts
- admin:write:reports

Granular scopes

read

write

read:accounts

write:accounts

read:blocks

write:blocks

read:bookmarks

write:bookmarks

write:conversations

read:favourites

write:favourites

read:filters

write:filters

read:follows

write:follows

read:lists

write:lists

write:media

read:mutes

write:mutes

read:notifications

write:notifications

write:reports

read:search

read:statuses

write:statuses

admin:read

admin:write

admin:read:accounts

admin:write:accounts

admin:read:reports

admin:write:reports