Pomelo · OAuth Scopes
Pomelo OAuth Scopes
OAuth 2.0
derived
Pomelo uses OAuth 2.0 but publishes no discrete scopes — access is governed by the grant itself (e.g. client-credentials or role-based authorization) rather than per-scope consent.
Tokens are issued from https://auth.pomelo.la/oauth/token.
This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.
FintechCard IssuingEmbedded FinancePaymentsLatin America
Scopes: 0
Flows: clientCredentials
Method: derived
OAuth endpoints
Token URL
https://auth.pomelo.la/oauth/token
https://auth.pomelo.la/oauth/token
Flows
clientCredentials
clientCredentials
Scopes (0)
Pomelo implements OAuth 2.0 but publishes no discrete scopes — access is governed by the grant itself (client-credentials or role-based authorization) rather than per-scope consent.
Pomelo's OAuth 2.0 uses the client_credentials grant (client_id, client_secret, audience only - no scope parameter), and while each API validates that the token's internally granted scopes (e.g. arg:cards:get-card in token response examples) match the required permissions, no public scopes reference is published (https://developers.pomelo.la/en/api-reference/general/authorization).
Pomelo's OAuth 2.0 uses the client_credentials grant (client_id, client_secret, audience only - no scope parameter), and while each API validates that the token's internally granted scopes (e.g. arg:cards:get-card in token response examples) match the required permissions, no public scopes reference is published (https://developers.pomelo.la/en/api-reference/general/authorization).
📄 Provider scope reference: https://developers.pomelo.la/en/api-reference/general/authorization