Alloy · OAuth Scopes

Alloy OAuth Scopes

OAuth 2.0 derived

Alloy uses OAuth 2.0 but publishes no discrete scopes — access is governed by the grant itself (e.g. client-credentials or role-based authorization) rather than per-scope consent.

Tokens are issued from /oauth/bearer.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

Identity VerificationKYCKYBFraud PreventionComplianceOnboardingTransaction MonitoringRisk DecisioningAMLFintech
Scopes: 0 Flows: clientCredentials Method: derived

OAuth endpoints

Token URL
/oauth/bearer
Flows
clientCredentials

Scopes (0)

Alloy implements OAuth 2.0 but publishes no discrete scopes — access is governed by the grant itself (client-credentials or role-based authorization) rather than per-scope consent.

Alloy's API uses OAuth 2.0 client_credentials (API token/secret exchanged for a one-hour bearer token) or Basic HTTP auth, and does not use or document OAuth scopes (https://developer.alloy.com/public/docs/authentication-guide).

Source

OAuth Scopes

alloy-scopes.yml Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/alloy-identity-api-openapi.yml
docs: https://developer.alloy.com/public/docs/authentication-guide
note: Alloy's API uses OAuth 2.0 client_credentials (API token/secret exchanged for a
  one-hour bearer token) or Basic HTTP auth, and does not use or document OAuth scopes
  (https://developer.alloy.com/public/docs/authentication-guide).
schemes:
- name: oauth2
  source: openapi/alloy-identity-api-openapi.yml
  flows:
  - flow: clientCredentials
    tokenUrl: /oauth/bearer
  description: OAuth2 using a workflow token and secret to generate a bearer token
scopes: []