FOSSology · OAuth Scopes

FOSSology OAuth Scopes

OAuth 2.0 searched

FOSSology publishes 2 OAuth 2.0 scopes via the clientCredentials flow. Scopes are the fine-grained permissions an application requests at authorization time to act against the FOSSology API on a user’s behalf.

Tokens are issued from https://api.example.com/oauth2/authorize.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

ComplianceLicensingLinux FoundationScanningSPDXOpen Source
Scopes: 2 Flows: clientCredentials Method: searched

OAuth endpoints

Token URL
https://api.example.com/oauth2/authorize
Flows
clientCredentials

Scopes (2)

ScopeDescriptionFlows
read Read-only access to the FOSSology REST API, allowing retrieval of information without creating or modifying data. Requested as token_scope when generating a token via POST /tokens and carried in the JWT scope claim.
write Read-write access to the FOSSology REST API, allowing creation and modification of data such as uploads, jobs, and clearing decisions. Requested as token_scope when generating a token via POST /tokens and carried in the JWT scope claim.

Source

OAuth Scopes

fossology-scopes.yml Raw ↑
generated: '2026-07-11'
method: searched
source: openapi/fossology-openapi.yml
docs: https://github.com/fossology/fossology/wiki/FOSSology-REST-API
schemes:
- name: oauth
  source: openapi/fossology-openapi.yml
  flows:
  - flow: clientCredentials
    tokenUrl: https://api.example.com/oauth2/authorize
  description: Machine-2-Machine communication from oauth
scopes:
- scope: read
  description: Read-only access to the FOSSology REST API, allowing retrieval of
    information without creating or modifying data. Requested as token_scope when
    generating a token via POST /tokens and carried in the JWT scope claim.
  sources:
  - https://github.com/fossology/fossology/wiki/FOSSology-REST-API
- scope: write
  description: Read-write access to the FOSSology REST API, allowing creation and
    modification of data such as uploads, jobs, and clearing decisions. Requested
    as token_scope when generating a token via POST /tokens and carried in the JWT
    scope claim.
  sources:
  - https://github.com/fossology/fossology/wiki/FOSSology-REST-API
note: FOSSology authenticates with JWT bearer tokens (or OIDC machine-to-machine
  tokens) whose scope is limited to read or write; it does not publish a finer-grained
  OAuth scope catalog (https://github.com/fossology/fossology/wiki/FOSSology-REST-API).