HMRC UK Tax Authority · OAuth Scopes

HMRC UK Tax Authority OAuth Scopes

OAuth 2.0 derived

HMRC UK Tax Authority publishes 2 OAuth 2.0 scopes via the authorizationCode flow. Scopes are the fine-grained permissions an application requests at authorization time to act against the HMRC UK Tax Authority API on a user’s behalf.

Tokens are issued from https://api.service.hmrc.gov.uk/oauth/token.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

GovernmentMaking Tax DigitalRegulatoryTaxUK
Scopes: 2 Flows: authorizationCode Method: derived

OAuth endpoints

Authorization URL
https://api.service.hmrc.gov.uk/oauth/authorize
Token URL
https://api.service.hmrc.gov.uk/oauth/token
Flows
authorizationCode

Scopes (2)

ScopeDescriptionFlows
read:vat Read VAT data authorizationCode
write:vat Submit VAT returns authorizationCode

Source

OAuth Scopes

hmrc-scopes.yml Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/hmrc-vat-mtd-openapi.yml
schemes:
- name: OAuth2UserRestricted
  source: openapi/hmrc-vat-mtd-openapi.yml
  flows:
  - flow: authorizationCode
    authorizationUrl: https://api.service.hmrc.gov.uk/oauth/authorize
    tokenUrl: https://api.service.hmrc.gov.uk/oauth/token
  description: HMRC OAuth 2.0 Authorization Code grant (user-restricted)
scopes:
- scope: read:vat
  description: Read VAT data
  flows:
  - authorizationCode
  sources:
  - openapi/hmrc-vat-mtd-openapi.yml
- scope: write:vat
  description: Submit VAT returns
  flows:
  - authorizationCode
  sources:
  - openapi/hmrc-vat-mtd-openapi.yml