Cribl · OAuth Scopes

Cribl OAuth Scopes

OAuth 2.0 searched

Cribl publishes 6 OAuth 2.0 scopes via the clientCredentials flow. Scopes are the fine-grained permissions an application requests at authorization time to act against the Cribl API on a user’s behalf.

Tokens are issued from https://login.cribl.cloud/oauth/token.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

ConfigurationData LakeData PipelinesData RoutingEdge ComputingInfrastructure as CodeObservabilitySearchSecurity DataStream ProcessingTelemetry
Scopes: 6 Flows: clientCredentials Method: searched

OAuth endpoints

Token URL
https://login.cribl.cloud/oauth/token
Flows
clientCredentials

Scopes (6)

ScopeDescriptionFlows
user:read:workergroups Read Worker Group data in the Workspaces the API Credential's permissions cover.
user:update:workergroups Modify Worker Group configurations in the Workspaces the API Credential's permissions cover.
user:read:connections Read connection information in the Workspaces the API Credential's permissions cover.
user:update:connections Modify connection settings in the Workspaces the API Credential's permissions cover.
user:read:workspaces View Workspace data in the Cribl.Cloud Organization.
user:update:workspaces Change Workspace configurations in the Cribl.Cloud Organization.

Source

OAuth Scopes

cribl-scopes.yml Raw ↑
generated: '2026-07-11'
method: searched
docs: https://docs.cribl.io/cribl-as-code/api-auth/
note: Cribl uses the OAuth 2.0 client credentials flow only; clients do not request
  scopes. The scope attribute of the Bearer token reflects the IAM Permissions assigned
  to the API Credential (Organization Admin/Owner/User plus per-Workspace product
  permissions), and Cribl publishes only example scope strings rather than a complete
  scopes catalog (https://docs.cribl.io/cribl-as-code/api-auth/, https://docs.cribl.io/iam/permissions/).
source: openapi/cribl-as-code-api-openapi.yml, openapi/cribl-cloud-api-openapi.yml
schemes:
- name: oauth2
  source: openapi/cribl-as-code-api-openapi.yml
  flows:
  - flow: clientCredentials
    tokenUrl: https://login.cribl.cloud/oauth/token
  description: OAuth 2.0 client credentials flow for Cribl Cloud management plane authentication.
- name: oauth2
  source: openapi/cribl-cloud-api-openapi.yml
  flows:
  - flow: clientCredentials
    tokenUrl: https://login.cribl.cloud/oauth/token
  description: OAuth 2.0 client credentials flow for Cribl Cloud authentication. Tokens expire
    after 24 hours.
scopes:
- scope: user:read:workergroups
  description: Read Worker Group data in the Workspaces the API Credential's permissions
    cover.
  sources:
  - https://docs.cribl.io/cribl-as-code/api-auth/
- scope: user:update:workergroups
  description: Modify Worker Group configurations in the Workspaces the API Credential's
    permissions cover.
  sources:
  - https://docs.cribl.io/cribl-as-code/api-auth/
- scope: user:read:connections
  description: Read connection information in the Workspaces the API Credential's
    permissions cover.
  sources:
  - https://docs.cribl.io/cribl-as-code/api-auth/
- scope: user:update:connections
  description: Modify connection settings in the Workspaces the API Credential's
    permissions cover.
  sources:
  - https://docs.cribl.io/cribl-as-code/api-auth/
- scope: user:read:workspaces
  description: View Workspace data in the Cribl.Cloud Organization.
  sources:
  - https://docs.cribl.io/cribl-as-code/api-auth/
- scope: user:update:workspaces
  description: Change Workspace configurations in the Cribl.Cloud Organization.
  sources:
  - https://docs.cribl.io/cribl-as-code/api-auth/