Skip to content
GlossaryConceptUpdated May 2026

OAuth Scopes

noun · also: oauth, api-key, webhook

What is oauth scopes?

OAuth scopes are the granular permissions an app requests when you connect it — the difference between "read your email" and "send mail on your behalf".

Definition

Full definition of oauth scopes

When you authorize an integration via OAuth, the app asks for a specific set of permissions called scopes. Slack might request channels:read + chat:write; Google might request gmail.send + gmail.readonly. Scopes are the principle of least privilege applied to API access — only request what you'll actually use. Tiny Command shows you exactly which scopes a connection requires before you authorize.

In practice

OAuth Scopes examples

Gmail scopes
https://www.googleapis.com/auth/gmail.send is more limited than https://www.googleapis.com/auth/gmail.modify.
Used by

Apps that exemplify oauth scopes

See oauth scopes in action across real integrations.

Gmail
Email
Slack
Communication
GitHub
Developer Tools
HubSpot
CRM & Sales
Salesforce
CRM & Sales
FAQ

Common questions about oauth scopes

Can I revoke OAuth scopes later?
Yes — you can disconnect the integration from the app's OAuth settings page. The token becomes invalid immediately.
Why do some integrations request lots of scopes?
Either the integration genuinely needs broad access, or the developer was lazy and requested the maximum. Read the scope list before approving.

Be the first to know what's next.

Submit your email to get early access updates, new feature announcements, and the latest in automation from TinyCommand.
Subscribe
About usPrivacy policySubmit RequestTerms of usePricingMake a referralContact usBecome a partnerCancellation & refundBlogs
© TinyCommand LLC 2026
XLinkedInInstagramYouTubeFacebook