Netlify · OAuth Scopes

Netlify OAuth Scopes

OAuth 2.0 derived

Netlify uses OAuth 2.0 but publishes no discrete scopes — access is governed by the grant itself (e.g. client-credentials or role-based authorization) rather than per-scope consent.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

CDNCloudContinuous DeploymentEdge ComputingJAMstackServerlessServerless FunctionsStatic SitesWeb HostingWebsites
Scopes: 0 Flows: implicit Method: derived

OAuth endpoints

Authorization URL
https://app.netlify.com/authorize
Flows
implicit

Scopes (0)

Netlify implements OAuth 2.0 but publishes no discrete scopes — access is governed by the grant itself (client-credentials or role-based authorization) rather than per-scope consent.

Netlify OAuth2 does not use granular scopes - tokens (OAuth or personal access tokens) carry full account access, and Netlify staff confirm only a single public scope exists (https://answers.netlify.com/t/netlify-oauth-scopes/112113).

Source

OAuth Scopes

netlify-scopes.yml Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/netlify-openapi-original.yml
docs: https://docs.netlify.com/api-and-cli-guides/api-guides/get-started-with-api/
note: Netlify OAuth2 does not use granular scopes - tokens (OAuth or personal access
  tokens) carry full account access, and Netlify staff confirm only a single public
  scope exists (https://answers.netlify.com/t/netlify-oauth-scopes/112113).
schemes:
- name: netlifyAuth
  source: openapi/netlify-openapi-original.yml
  flows:
  - flow: implicit
    authorizationUrl: https://app.netlify.com/authorize
scopes: []