Microsoft Power Apps · OAuth Scopes

Microsoft Power Apps OAuth Scopes

OAuth 2.0 derived

Microsoft Power Apps publishes 2 OAuth 2.0 scopes via the authorizationCode and clientCredentials flows. Scopes are the fine-grained permissions an application requests at authorization time to act against the Microsoft Power Apps API on a user’s behalf.

Tokens are issued from https://login.microsoftonline.com/common/oauth2/v2.0/token.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

App DevelopmentBusiness ApplicationsCloud PlatformLow-CodeMicrosoftNo-Code
Scopes: 2 Flows: authorizationCode, clientCredentials Method: derived

OAuth endpoints

Authorization URL
https://login.microsoftonline.com/common/oauth2/v2.0/authorize
Token URL
https://login.microsoftonline.com/common/oauth2/v2.0/token
Flows
authorizationCodeclientCredentials

Scopes (2)

ScopeDescriptionFlows
https://{organization}.crm.dynamics.com/.default Application access to Dataverse clientCredentials
https://{organization}.crm.dynamics.com/user_impersonation Access Dataverse as the signed-in user authorizationCode

Source

OAuth Scopes

power-apps-scopes.yml Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/power-apps-openapi.yml
schemes:
- name: OAuth2
  source: openapi/power-apps-openapi.yml
  flows:
  - flow: authorizationCode
    authorizationUrl: https://login.microsoftonline.com/common/oauth2/v2.0/authorize
    tokenUrl: https://login.microsoftonline.com/common/oauth2/v2.0/token
  - flow: clientCredentials
    tokenUrl: https://login.microsoftonline.com/common/oauth2/v2.0/token
  description: |-
    Authentication uses Microsoft Entra ID (Azure AD) OAuth 2.0. Acquire a
    bearer token with the audience set to the Dataverse organization URL,
    for example https://{organization}.crm.dynamics.com/.default.
scopes:
- scope: https://{organization}.crm.dynamics.com/.default
  description: Application access to Dataverse
  flows:
  - clientCredentials
  sources:
  - openapi/power-apps-openapi.yml
- scope: https://{organization}.crm.dynamics.com/user_impersonation
  description: Access Dataverse as the signed-in user
  flows:
  - authorizationCode
  sources:
  - openapi/power-apps-openapi.yml