Arlo

REST Auth API: OAuth Scopes

Arlo supports number of scopes that you employ to define the permissions a user will be asked to grant your system.

Please note that all the optional (not required) scopes shown below, you must choose one from those listed from all_claims and below. If you do not, you will have no access to any part of the API surface. It is suggested that you choose the all_claims scope.

A note on the Consent column: if Yes, then the scope shown will be one that the resource owner can refuse. If a resource owner denies certain scopes, your API access may be hindered.

Scope Required? Consent Description
profile Yes Yes This is a system defined scope
openid Yes Yes This is system defined scope
read Yes Yes This is system defined scope
write Yes Yes This is system defined scope
roles Yes Yes This is system defined scope
offline_access No Yes Including this scope requests that a refresh token is generated and supplied to you. This simplifies the process of obtaining a valid token when one expires. By default, refresh tokens are not generated unless requested.
all_claims No Yes This is an all encompassing scope - it includes all of the functional scopes that follow (events, contacts and so on). This is normally the scope that one would request.
events No Yes Requests access to event related data.
registrations No Yes Requests access to registration related data.
contacts No Yes Requests access to contact related data.
organisations No Yes Requests access to organisation related data.
regions No Yes Requests access to region related data.
timezones No Yes Requests access to time zone related data.
venues No Yes Requests access to venue related data.
leads No Yes Requests access to lead related data.
metadata No Yes Requests access to entity meta data.