CharlieHR · OAuth Scopes

CharlieHR OAuth Scopes

OAuth 2.0 derived

CharlieHR uses OAuth 2.0 but publishes no discrete scopes — access is governed by the grant itself (e.g. client-credentials or role-based authorization) rather than per-scope consent.

Tokens are issued from https://charliehr.com/oauth/token.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

HRHRISPeopleLeaveTime Off
Scopes: 0 Flows: clientCredentials Method: derived

OAuth endpoints

Token URL
https://charliehr.com/oauth/token
Flows
clientCredentials

Scopes (0)

CharlieHR implements OAuth 2.0 but publishes no discrete scopes — access is governed by the grant itself (client-credentials or role-based authorization) rather than per-scope consent.

CharlieHR does not publish OAuth scopes - the API docs (https://www.charliehr.com/api_docs/) show every endpoint authenticated with company-level client credentials sent as an Authorization header (Token token=client_id:client_secret), with no scope or permission-level system documented.

Source

OAuth Scopes

charliehr-scopes.yml Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/charliehr-openapi.yml
docs: https://www.charliehr.com/api_docs/
note: CharlieHR does not publish OAuth scopes - the API docs (https://www.charliehr.com/api_docs/)
  show every endpoint authenticated with company-level client credentials sent as
  an Authorization header (Token token=client_id:client_secret), with no scope or
  permission-level system documented.
schemes:
- name: oauth2
  source: openapi/charliehr-openapi.yml
  flows:
  - flow: clientCredentials
    tokenUrl: https://charliehr.com/oauth/token
  description: OAuth 2.0. A Client ID and Client Secret issued in the CharlieHR app are exchanged
    for an access token, which is sent in the Authorization header of each request.
scopes: []