Upwork · OAuth Scopes

Upwork OAuth Scopes

OAuth 2.0 derived

Upwork publishes 9 OAuth 2.0 scopes via the authorizationCode flow. Scopes are the fine-grained permissions an application requests at authorization time to act against the Upwork API on a user’s behalf.

Tokens are issued from https://www.upwork.com/api/v3/oauth2/token.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

FreelancingJobsTalentMarketplaceContractsHiring
Scopes: 9 Flows: authorizationCode Method: derived

OAuth endpoints

Authorization URL
https://www.upwork.com/ab/account-security/oauth2/authorize
Token URL
https://www.upwork.com/api/v3/oauth2/token
Flows
authorizationCode

Scopes (9)

ScopeDescriptionFlows
contracts:read Read contract data authorizationCode
email Access to user email authorizationCode
jobs:read Read job postings authorizationCode
messages:read Read messages authorizationCode
messages:write Send messages authorizationCode
openid Access to user identity information authorizationCode
profile Access to user profile data authorizationCode
profiles:read Read freelancer profiles authorizationCode
reports:read Read financial reports authorizationCode

Source

OAuth Scopes

upwork-scopes.yml Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/upwork-graphql-api-openapi.yml, openapi/upwork-rest-api-openapi.yml
schemes:
- name: oauth2AuthCode
  source: openapi/upwork-graphql-api-openapi.yml
  flows:
  - flow: authorizationCode
    authorizationUrl: https://www.upwork.com/ab/account-security/oauth2/authorize
    tokenUrl: https://www.upwork.com/api/v3/oauth2/token
  description: OAuth 2.0 authorization code flow for Upwork API access. Obtain an authorization
    code by redirecting users to the Upwork OAuth consent page, then exchange for access and
    refresh tokens.
- name: oauth2AuthCode
  source: openapi/upwork-rest-api-openapi.yml
  flows:
  - flow: authorizationCode
    authorizationUrl: https://www.upwork.com/ab/account-security/oauth2/authorize
    tokenUrl: https://www.upwork.com/api/v3/oauth2/token
  description: OAuth 2.0 authorization code flow
scopes:
- scope: contracts:read
  description: Read contract data
  flows:
  - authorizationCode
  sources:
  - openapi/upwork-graphql-api-openapi.yml
  - openapi/upwork-rest-api-openapi.yml
- scope: email
  description: Access to user email
  flows:
  - authorizationCode
  sources:
  - openapi/upwork-graphql-api-openapi.yml
- scope: jobs:read
  description: Read job postings
  flows:
  - authorizationCode
  sources:
  - openapi/upwork-graphql-api-openapi.yml
- scope: messages:read
  description: Read messages
  flows:
  - authorizationCode
  sources:
  - openapi/upwork-graphql-api-openapi.yml
- scope: messages:write
  description: Send messages
  flows:
  - authorizationCode
  sources:
  - openapi/upwork-graphql-api-openapi.yml
- scope: openid
  description: Access to user identity information
  flows:
  - authorizationCode
  sources:
  - openapi/upwork-graphql-api-openapi.yml
  - openapi/upwork-rest-api-openapi.yml
- scope: profile
  description: Access to user profile data
  flows:
  - authorizationCode
  sources:
  - openapi/upwork-graphql-api-openapi.yml
- scope: profiles:read
  description: Read freelancer profiles
  flows:
  - authorizationCode
  sources:
  - openapi/upwork-graphql-api-openapi.yml
- scope: reports:read
  description: Read financial reports
  flows:
  - authorizationCode
  sources:
  - openapi/upwork-graphql-api-openapi.yml
  - openapi/upwork-rest-api-openapi.yml