PydanticAI · OAuth Scopes
PydanticAI OAuth Scopes
OAuth 2.0
derived
PydanticAI publishes 38 OAuth 2.0 scopes via the authorizationCode flow. Scopes are the fine-grained permissions an application requests at authorization time to act against the PydanticAI API on a user’s behalf.
Tokens are issued from /api/oauth/token.
This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.
AIAgentsPythonLLMType SafetyStructured OutputsDependency InjectionOpenAIAnthropicGeminiObservabilityFramework
Scopes: 38
Flows: authorizationCode
Method: derived
OAuth endpoints
Authorization URL
api/oauth/authorize
api/oauth/authorize
Token URL
/api/oauth/token
/api/oauth/token
Flows
authorizationCode
authorizationCode
Scopes (38)
| Scope | Description | Flows |
|---|---|---|
| instance:admin | Platform admin access to manage the whole self-hosted instance | authorizationCode |
| instance:billing | Read billing and usage data across the whole self-hosted instance | authorizationCode |
| organization:admin | Platform admin access to manage organizations across the instance (self-hosted only) | authorizationCode |
| organization:auditlog | Read audit logs for the organization | authorizationCode |
| organization:create_api_key | Create new API keys for the organization | authorizationCode |
| organization:create_project | Ability to create projects within the organization | authorizationCode |
| organization:payment | Read billing usage data for the organization | authorizationCode |
| organization:read | Read access to organizations | authorizationCode |
| organization:read_api_key | Read API keys across the organization | authorizationCode |
| organization:read_channel | Read notification channels across the organization | authorizationCode |
| organization:read_invitation | Read organization invitations | authorizationCode |
| organization:read_member | Read organization members and roles | authorizationCode |
| organization:read_trust_policy | Read OIDC trust policies and their token exchange history | authorizationCode |
| organization:scim | SCIM access to organizations | authorizationCode |
| organization:write | Write access to organizations | authorizationCode |
| organization:write_api_key | Edit or revoke existing API keys across the organization | authorizationCode |
| organization:write_channel | Create or modify notification channels across the organization | authorizationCode |
| organization:write_invitation | Create organization invitations | authorizationCode |
| organization:write_member | Modify organization member roles and membership | authorizationCode |
| organization:write_trust_policy | Create, modify, or delete OIDC trust policies and revoke issued workload tokens | authorizationCode |
| project:gateway_proxy | Proxy AI model requests through the project AI Gateway | authorizationCode |
| project:read | Read access to projects | authorizationCode |
| project:read_alert | Read alerts within a project | authorizationCode |
| project:read_api_key | Read API keys within a project | authorizationCode |
| project:read_dashboard | Read dashboards within a project | authorizationCode |
| project:read_datasets | Read datasets within a project | authorizationCode |
| project:read_external_variables | Read external managed variables within a project via OFREP | authorizationCode |
| project:read_otlp | Query trace data submitted to the project via OTLP | authorizationCode |
| project:read_token | Create read tokens | authorizationCode |
| project:read_variables | Read managed variables and prompts within a project | authorizationCode |
| project:write | Write access to projects | authorizationCode |
| project:write_alert | Create or modify alerts within a project | authorizationCode |
| project:write_api_key | Create, edit, or revoke API keys within a project | authorizationCode |
| project:write_dashboard | Create or modify dashboards within a project | authorizationCode |
| project:write_datasets | Create or modify datasets within a project | authorizationCode |
| project:write_otlp | Send OTLP traces, logs, and metrics to the project | authorizationCode |
| project:write_token | Create write tokens | authorizationCode |
| project:write_variables | Create or modify managed variables and prompts within a project | authorizationCode |