REST Auth API: OAuth Scopes
Arlo supports number of scopes that you employ to define the permissions a user will be asked to grant your system.
Please note that all the optional (not required) scopes shown below, you must choose one from those listed from all_claims and below. If you do not, you will have no access to any part of the API surface. It is suggested that you choose the all_claims scope.
A note on the Consent column: if Yes, then the scope shown will be one that the resource owner can refuse. If a resource owner denies certain scopes, your API access may be hindered.
|profile||Yes||Yes||This is a system defined scope|
|openid||Yes||Yes||This is system defined scope|
|read||Yes||Yes||This is system defined scope|
|write||Yes||Yes||This is system defined scope|
|roles||Yes||Yes||This is system defined scope|
|offline_access||No||Yes||Including this scope requests that a refresh token is generated and supplied to you. This simplifies the process of obtaining a valid token when one expires. By default, refresh tokens are not generated unless requested.|
|all_claims||No||Yes||This is an all encompassing scope - it includes all of the functional scopes that follow (events, contacts and so on). This is normally the scope that one would request.|
|events||No||Yes||Requests access to event related data.|
|registrations||No||Yes||Requests access to registration related data.|
|contacts||No||Yes||Requests access to contact related data.|
|organisations||No||Yes||Requests access to organisation related data.|
|regions||No||Yes||Requests access to region related data.|
|timezones||No||Yes||Requests access to time zone related data.|
|venues||No||Yes||Requests access to venue related data.|
|leads||No||Yes||Requests access to lead related data.|
|metadata||No||Yes||Requests access to entity meta data.|