summaryrefslogtreecommitdiffstats
path: root/docs/content/doc/developers/oauth2-provider.en-us.md
diff options
context:
space:
mode:
Diffstat (limited to 'docs/content/doc/developers/oauth2-provider.en-us.md')
-rw-r--r--docs/content/doc/developers/oauth2-provider.en-us.md36
1 files changed, 35 insertions, 1 deletions
diff --git a/docs/content/doc/developers/oauth2-provider.en-us.md b/docs/content/doc/developers/oauth2-provider.en-us.md
index c6765f19e7..17c12d22f2 100644
--- a/docs/content/doc/developers/oauth2-provider.en-us.md
+++ b/docs/content/doc/developers/oauth2-provider.en-us.md
@@ -42,7 +42,41 @@ To use the Authorization Code Grant as a third party application it is required
## Scopes
-Currently Gitea does not support scopes (see [#4300](https://github.com/go-gitea/gitea/issues/4300)) and all third party applications will be granted access to all resources of the user and their organizations.
+Gitea supports the following scopes for tokens:
+
+| Name | Description |
+| ---- | ----------- |
+| **(no scope)** | Grants read-only access to public user profile and public repositories. |
+| **repo** | Full control over all repositories. |
+|     **repo:status** | Grants read/write access to commit status in all repositories. |
+|     **public_repo** | Grants read/write access to public repositories only. |
+| **admin:repo_hook** | Grants access to repository hooks of all repositories. This is included in the `repo` scope. |
+|     **write:repo_hook** | Grants read/write access to repository hooks |
+|     **read:repo_hook** | Grants read-only access to repository hooks |
+| **admin:org** | Grants full access to organization settings |
+|     **write:org** | Grants read/write access to organization settings |
+|     **read:org** | Grants read-only access to organization settings |
+| **admin:public_key** | Grants full access for managing public keys |
+|     **write:public_key** | Grant read/write access to public keys |
+|     **read:public_key** | Grant read-only access to public keys |
+| **admin:org_hook** | Grants full access to organizational-level hooks |
+| **notification** | Grants full access to notifications |
+| **user** | Grants full access to user profile info |
+|     **read:user** | Grants read access to user's profile |
+|     **user:email** | Grants read access to user's email addresses |
+|     **user:follow** | Grants access to follow/un-follow a user |
+| **delete_repo** | Grants access to delete repositories as an admin |
+| **package** | Grants full access to hosted packages |
+|     **write:package** | Grants read/write access to packages |
+|     **read:package** | Grants read access to packages |
+|     **delete:package** | Grants delete access to packages |
+| **admin:gpg_key** | Grants full access for managing GPG keys |
+|     **write:gpg_key** | Grants read/write access to GPG keys |
+|     **read:gpg_key** | Grants read-only access to GPG keys |
+| **admin:application** | Grants full access to manage applications |
+|     **write:application** | Grants read/write access for managing applications |
+|     **read:application** | Grants read access for managing applications |
+| **sudo** | Allows to perform actions as the site admin. |
## Client types
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-26 13:05:27 +0000