Overview
This article discusses whether it is possible for a user to grant only partial scopes of an API to an application during the authorization process. For example, granting only “calendar:read” when an application requests both the “calendar:read” and “email:read” scopes.
Applies To
- APIs
- Having the option “Allow Skipping User Consent” turned off
- Authorization screen
Solution
The “Grant Management for User Consents” feature, which would directly enable users to grant specific scopes, is planned for a future release. A current workaround involves using actions. For a similar approach that can be adapted using client_ids, refer to Add user roles to ID and Access tokens.