Keep · OAuth Scopes

Keep OAuth Scopes

OAuth 2.0 derived

Keep uses OAuth 2.0 but publishes no discrete scopes — access is governed by the grant itself (e.g. client-credentials or role-based authorization) rather than per-scope consent.

Tokens are issued from token.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

AIOpsAlertingIncident ManagementObservabilityOpen SourceSREWorkflow Automation
Scopes: 0 Flows: password Method: derived

OAuth endpoints

Token URL
token
Flows
password

Scopes (0)

Keep implements OAuth 2.0 but publishes no discrete scopes — access is governed by the grant itself (client-credentials or role-based authorization) rather than per-scope consent.

Keep does not publish OAuth scopes; API access uses API keys/JWT bearer tokens with role-based access control (RBAC) configured per identity provider (Auth0, Keycloak, Azure AD, Okta, OneLogin), per https://docs.keephq.dev/deployment/authentication/overview.

Source

OAuth Scopes

keep-scopes.yml Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/keep-openapi.json
docs: https://docs.keephq.dev/deployment/authentication/overview
note: Keep does not publish OAuth scopes; API access uses API keys/JWT bearer tokens
  with role-based access control (RBAC) configured per identity provider (Auth0,
  Keycloak, Azure AD, Okta, OneLogin), per https://docs.keephq.dev/deployment/authentication/overview.
schemes:
- name: OAuth2PasswordBearer
  source: openapi/keep-openapi.json
  flows:
  - flow: password
    tokenUrl: token
scopes: []