VA Lighthouse · OAuth Scopes

VA Lighthouse OAuth Scopes

OAuth 2.0 derived

VA Lighthouse publishes 35 OAuth 2.0 scopes via the authorizationCode and clientCredentials flows. Scopes are the fine-grained permissions an application requests at authorization time to act against the VA Lighthouse API on a user’s behalf.

Tokens are issued from https://api.va.gov/oauth2/appeals/v1/token.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

GovernmentVeterans AffairsVeteransHealthcareBenefitsFHIROpen DataFederal
Scopes: 35 Flows: authorizationCode, clientCredentials Method: derived

OAuth endpoints

Authorization URL
https://api.va.gov/oauth2/appeals/v1/authorization https://sandbox-api.va.gov/oauth2/appeals/v1/authorization https://api.va.gov/oauth2/authorization https://sandbox-api.va.gov/oauth2/authorization https://api.va.gov/oauth2/veteran-verification/system/v1/authorization https://sandbox-api.va.gov/oauth2/veteran-verification/system/v1/authorization
Token URL
https://api.va.gov/oauth2/appeals/v1/token https://api.va.gov/oauth2/appeals/system/v1/token https://sandbox-api.va.gov/oauth2/appeals/v1/token https://deptva-eval.okta.com/oauth2/auskff5o6xsoQVngk2p7/v1/token https://api.va.gov/oauth2/token https://sandbox-api.va.gov/oauth2/token https://api.va.gov/oauth2/exemplar/system/v1/token https://api.va.gov/oauth2/direct-deposit-management/system/v1/token https://staging-api.va.gov/oauth2/loan-guaranty/system/v1/token https://api.va.gov/oauth2/veteran-letters/system/v1/token https://api.va.gov/oauth2/veteran-verification/system/v1/token https://sandbox-api.va.gov/oauth2/veteran-verification/system/v1/token
Flows
authorizationCodeclientCredentials

Scopes (35)

ScopeDescriptionFlows
aca_coverage_restricted.read Return a Veteran's enrollment status in minimum essential coverage (MEC) as defined by the Affordable Care Act (ACA). (restricted access). authorizationCode, clientCredentials
claim.read Retrieve claim data authorizationCode
claim.write Submit claim data authorizationCode
direct-deposit-management.read The veteran's access to direct deposit management that provides viewing of current EFT settings. clientCredentials
direct-deposit-management.write The veteran's access to direct deposit management that provides updating of current EFT settings. clientCredentials
disability_rating.read Retrieve Disability Rating authorizationCode, clientCredentials
disability_rating_restricted.read For approved federal consumers, view a Veteran's VA disability ratings and their effective dates using Social Security number and demographic information. authorizationCode, clientCredentials
disability_rating_summary.read Retrieve Disability Rating Summary authorizationCode, clientCredentials
disability_rating_summary_restricted.read For approved federal consumers, view a Veteran's VA disability rating summary using Social Security number and demographic information. clientCredentials
documents.read The Veteran's access to read data about files that have been uploaded. clientCredentials
documents.write The Veteran's access to upload files that provide verification of eligibility for their benefits. clientCredentials
enrolled_benefits.read Retrieve Veteran Enrolled Benefits authorizationCode, clientCredentials
flashes.read Retrieve Flashes authorizationCode, clientCredentials
launch.read Retrieve Launch clientCredentials
letters.read The veteran's access to letters that provide verification of eligibility for their benefits. clientCredentials
patient/CommunityCareEligibility.read Community Care Eligibility authorizationCode
permanent_and_total_disability.read View a Veteran's P&T and IU disability statuses and effective dates. authorizationCode, clientCredentials
permanent_and_total_disability_restricted.read Vew a Veteran's P&T and IU disability statuses and effective dates, based on restricted user attributes. clientCredentials
representative/AppealableIssues.read Appealable issues info authorizationCode
representative/AppealsStatus.read Status of appeals and decision reviews authorizationCode
representative/LegacyAppeals.read Legacy appeals info authorizationCode
service_history.read Retrieve Service History authorizationCode, clientCredentials
status_restricted.read For approved federal consumers, confirm the Veteran status of an individual using Social Security number and demographic information. authorizationCode, clientCredentials
system.loan-review.write Transmit loan review documents clientCredentials
system/526-pdf.override
system/526.override
system/AppealableIssues.read Appealable issues info clientCredentials
system/AppealsStatus.read Status of appeals and decision reviews clientCredentials
system/LegacyAppeals.read Legacy appeals info clientCredentials
system/claim.read Retrieve claim data authorizationCode
system/claim.write Submit claim data authorizationCode
veteran/AppealableIssues.read Appealable issues info authorizationCode
veteran/AppealsStatus.read Status of appeals and decision reviews authorizationCode
veteran/LegacyAppeals.read Legacy appeals info authorizationCode
veteran_status.read Retrieve Veteran Status authorizationCode, clientCredentials

Source

OAuth Scopes

va-gov-scopes.yml Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/va-gov-appealable-issues-v0-openapi.json, openapi/va-gov-appeals-status-v1-openapi.json,
  openapi/va-gov-benefits-claims-v1-openapi.json, openapi/va-gov-benefits-claims-v2-openapi.json,
  openapi/va-gov-benefits-documents-v1-openapi.json, openapi/va-gov-community-care-eligibility-v0-openapi.json,
  openapi/va-gov-direct-deposit-management-v1-openapi.json, openapi/va-gov-legacy-appeals-v0-openapi.json,
  openapi/va-gov-loan-review-v1-openapi.json, openapi/va-gov-va-letter-generator-v1-openapi.json,
  openapi/va-gov-veteran-verification-v2-openapi.json
schemes:
- name: productionOauth
  source: openapi/va-gov-appealable-issues-v0-openapi.json
  flows:
  - flow: authorizationCode
    authorizationUrl: https://api.va.gov/oauth2/appeals/v1/authorization
    tokenUrl: https://api.va.gov/oauth2/appeals/v1/token
  - flow: clientCredentials
    tokenUrl: https://api.va.gov/oauth2/appeals/system/v1/token
  description: 'The authorization model for the Appealable Issues API uses OAuth 2.0/OpenID
    Connect. The following models are supported: [Authorization Code Grant (ACG)](/explore/api/appealable-issues/authorization-code)
    and [Client Credentials Grant (CCG)](/explore/api/appealable-issues/client-credentials).'
- name: sandboxOauth
  source: openapi/va-gov-appealable-issues-v0-openapi.json
  flows:
  - flow: authorizationCode
    authorizationUrl: https://sandbox-api.va.gov/oauth2/appeals/v1/authorization
    tokenUrl: https://sandbox-api.va.gov/oauth2/appeals/v1/token
  - flow: clientCredentials
    tokenUrl: https://deptva-eval.okta.com/oauth2/auskff5o6xsoQVngk2p7/v1/token
  description: 'The authorization model for the Appealable Issues API uses OAuth 2.0/OpenID
    Connect. The following models are supported: [Authorization Code Grant (ACG)](/explore/api/appealable-issues/authorization-code)
    and [Client Credentials Grant (CCG)](/explore/api/appealable-issues/client-credentials).'
- name: productionOauth
  source: openapi/va-gov-appeals-status-v1-openapi.json
  flows:
  - flow: authorizationCode
    authorizationUrl: https://api.va.gov/oauth2/appeals/v1/authorization
    tokenUrl: https://api.va.gov/oauth2/appeals/v1/token
  - flow: clientCredentials
    tokenUrl: https://api.va.gov/oauth2/appeals/system/v1/token
  description: 'The authorization model for the Appeals Status API uses OAuth 2.0/OpenID Connect.
    The following models are supported: [Authorization Code Grant (ACG)](/explore/api/appeals-status/authorization-code)
    and [Client Credentials Grant (CCG)](/explore/api/appeals-status/client-credentials).'
- name: sandboxOauth
  source: openapi/va-gov-appeals-status-v1-openapi.json
  flows:
  - flow: authorizationCode
    authorizationUrl: https://sandbox-api.va.gov/oauth2/appeals/v1/authorization
    tokenUrl: https://sandbox-api.va.gov/oauth2/appeals/v1/token
  - flow: clientCredentials
    tokenUrl: https://deptva-eval.okta.com/oauth2/auskff5o6xsoQVngk2p7/v1/token
  description: 'The authorization model for the Appeals Status API uses OAuth 2.0/OpenID Connect.
    The following models are supported: [Authorization Code Grant (ACG)](/explore/api/appeals-status/authorization-code)
    and [Client Credentials Grant (CCG)](/explore/api/appeals-status/client-credentials).'
- name: productionOauth
  source: openapi/va-gov-benefits-claims-v1-openapi.json
  flows:
  - flow: authorizationCode
    authorizationUrl: https://api.va.gov/oauth2/authorization
    tokenUrl: https://api.va.gov/oauth2/token
  description: This API uses OAuth 2 with the authorization code grant flow. [More info](https://developer.va.gov/explore/api/benefits-claims/authorization-code)
- name: sandboxOauth
  source: openapi/va-gov-benefits-claims-v1-openapi.json
  flows:
  - flow: authorizationCode
    authorizationUrl: https://sandbox-api.va.gov/oauth2/authorization
    tokenUrl: https://sandbox-api.va.gov/oauth2/token
  description: This API uses OAuth 2 with the authorization code grant flow. [More info](https://developer.va.gov/explore/api/benefits-claims/authorization-code)
- name: productionOauth
  source: openapi/va-gov-benefits-claims-v2-openapi.json
  flows:
  - flow: authorizationCode
    authorizationUrl: https://api.va.gov/oauth2/authorization
    tokenUrl: https://api.va.gov/oauth2/token
  description: This API uses OAuth 2 with the client credential grant flow. [More info](https://developer.va.gov/explore/api/benefits-claims/client-credentials)
- name: sandboxOauth
  source: openapi/va-gov-benefits-claims-v2-openapi.json
  flows:
  - flow: authorizationCode
    authorizationUrl: https://sandbox-api.va.gov/oauth2/authorization
    tokenUrl: https://sandbox-api.va.gov/oauth2/token
  description: This API uses OAuth 2 with the client credential grant flow. [More info](https://developer.va.gov/explore/api/benefits-claims/client-credentials)
- name: oauth2
  source: openapi/va-gov-benefits-documents-v1-openapi.json
  flows:
  - flow: clientCredentials
    tokenUrl: https://api.va.gov/oauth2/exemplar/system/v1/token
- name: OauthFlow
  source: openapi/va-gov-community-care-eligibility-v0-openapi.json
  flows:
  - flow: authorizationCode
    authorizationUrl: https://sandbox-api.va.gov/oauth2/authorization
    tokenUrl: https://sandbox-api.va.gov/oauth2/token
- name: OAuth
  source: openapi/va-gov-direct-deposit-management-v1-openapi.json
  flows:
  - flow: clientCredentials
    tokenUrl: https://api.va.gov/oauth2/direct-deposit-management/system/v1/token
- name: productionOauth
  source: openapi/va-gov-legacy-appeals-v0-openapi.json
  flows:
  - flow: authorizationCode
    authorizationUrl: https://api.va.gov/oauth2/appeals/v1/authorization
    tokenUrl: https://api.va.gov/oauth2/appeals/v1/token
  - flow: clientCredentials
    tokenUrl: https://api.va.gov/oauth2/appeals/system/v1/token
  description: 'The authorization model for the Legacy Appeals API uses OAuth 2.0/OpenID Connect.
    The following models are supported: [Authorization Code Grant (ACG)](/explore/api/legacy-appeals/authorization-code)
    and [Client Credentials Grant (CCG)](/explore/api/legacy-appeals/client-credentials).'
- name: sandboxOauth
  source: openapi/va-gov-legacy-appeals-v0-openapi.json
  flows:
  - flow: authorizationCode
    authorizationUrl: https://sandbox-api.va.gov/oauth2/appeals/v1/authorization
    tokenUrl: https://sandbox-api.va.gov/oauth2/appeals/v1/token
  - flow: clientCredentials
    tokenUrl: https://deptva-eval.okta.com/oauth2/auskff5o6xsoQVngk2p7/v1/token
  description: 'The authorization model for the Legacy Appeals API uses OAuth 2.0/OpenID Connect.
    The following models are supported: [Authorization Code Grant (ACG)](/explore/api/legacy-appeals/authorization-code)
    and [Client Credentials Grant (CCG)](/explore/api/legacy-appeals/client-credentials).'
- name: oauth2
  source: openapi/va-gov-loan-review-v1-openapi.json
  flows:
  - flow: clientCredentials
    tokenUrl: https://staging-api.va.gov/oauth2/loan-guaranty/system/v1/token
- name: OAuth
  source: openapi/va-gov-va-letter-generator-v1-openapi.json
  flows:
  - flow: clientCredentials
    tokenUrl: https://api.va.gov/oauth2/veteran-letters/system/v1/token
- name: productionOauth2
  source: openapi/va-gov-veteran-verification-v2-openapi.json
  flows:
  - flow: clientCredentials
    tokenUrl: https://api.va.gov/oauth2/veteran-verification/system/v1/token
  - flow: authorizationCode
    authorizationUrl: https://api.va.gov/oauth2/veteran-verification/system/v1/authorization
    tokenUrl: https://api.va.gov/oauth2/veteran-verification/system/v1/token
  description: This API uses OAuth 2.0 with client credentials grant flow and authorization
    code grant flow.
- name: sandboxOauth2
  source: openapi/va-gov-veteran-verification-v2-openapi.json
  flows:
  - flow: clientCredentials
    tokenUrl: https://api.va.gov/oauth2/veteran-verification/system/v1/token
  - flow: authorizationCode
    authorizationUrl: https://sandbox-api.va.gov/oauth2/veteran-verification/system/v1/authorization
    tokenUrl: https://sandbox-api.va.gov/oauth2/veteran-verification/system/v1/token
  description: This API uses OAuth 2.0 with client credentials grant flow and authorization
    code grant flow
scopes:
- scope: aca_coverage_restricted.read
  description: Return a Veteran's enrollment status in minimum essential coverage (MEC) as defined
    by the Affordable Care Act (ACA).  (restricted access).
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/va-gov-veteran-verification-v2-openapi.json
- scope: claim.read
  description: Retrieve claim data
  flows:
  - authorizationCode
  sources:
  - openapi/va-gov-benefits-claims-v1-openapi.json
- scope: claim.write
  description: Submit claim data
  flows:
  - authorizationCode
  sources:
  - openapi/va-gov-benefits-claims-v1-openapi.json
- scope: direct-deposit-management.read
  description: The veteran's access to direct deposit management that provides viewing of current
    EFT settings.
  flows:
  - clientCredentials
  sources:
  - openapi/va-gov-direct-deposit-management-v1-openapi.json
- scope: direct-deposit-management.write
  description: The veteran's access to direct deposit management that provides updating of current
    EFT settings.
  flows:
  - clientCredentials
  sources:
  - openapi/va-gov-direct-deposit-management-v1-openapi.json
- scope: disability_rating.read
  description: Retrieve Disability Rating
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/va-gov-veteran-verification-v2-openapi.json
- scope: disability_rating_restricted.read
  description: For approved federal consumers, view a Veteran's VA disability ratings and their
    effective dates using Social Security number and demographic information.
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/va-gov-veteran-verification-v2-openapi.json
- scope: disability_rating_summary.read
  description: Retrieve Disability Rating Summary
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/va-gov-veteran-verification-v2-openapi.json
- scope: disability_rating_summary_restricted.read
  description: For approved federal consumers, view a Veteran's VA disability rating summary
    using Social Security number and demographic information.
  flows:
  - clientCredentials
  sources:
  - openapi/va-gov-veteran-verification-v2-openapi.json
- scope: documents.read
  description: The Veteran's access to read data about files that have been uploaded.
  flows:
  - clientCredentials
  sources:
  - openapi/va-gov-benefits-documents-v1-openapi.json
- scope: documents.write
  description: The Veteran's access to upload files that provide verification of eligibility
    for their benefits.
  flows:
  - clientCredentials
  sources:
  - openapi/va-gov-benefits-documents-v1-openapi.json
- scope: enrolled_benefits.read
  description: Retrieve Veteran Enrolled Benefits
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/va-gov-veteran-verification-v2-openapi.json
- scope: flashes.read
  description: Retrieve Flashes
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/va-gov-veteran-verification-v2-openapi.json
- scope: launch.read
  description: Retrieve Launch
  flows:
  - clientCredentials
  sources:
  - openapi/va-gov-veteran-verification-v2-openapi.json
- scope: letters.read
  description: The veteran's access to letters that provide verification of eligibility for
    their benefits.
  flows:
  - clientCredentials
  sources:
  - openapi/va-gov-va-letter-generator-v1-openapi.json
- scope: patient/CommunityCareEligibility.read
  description: Community Care Eligibility
  flows:
  - authorizationCode
  sources:
  - openapi/va-gov-community-care-eligibility-v0-openapi.json
- scope: permanent_and_total_disability.read
  description: View a Veteran's P&T and IU disability statuses and effective dates.
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/va-gov-veteran-verification-v2-openapi.json
- scope: permanent_and_total_disability_restricted.read
  description: Vew a Veteran's P&T and IU disability statuses and effective dates, based on
    restricted user attributes.
  flows:
  - clientCredentials
  sources:
  - openapi/va-gov-veteran-verification-v2-openapi.json
- scope: representative/AppealableIssues.read
  description: Appealable issues info
  flows:
  - authorizationCode
  sources:
  - openapi/va-gov-appealable-issues-v0-openapi.json
- scope: representative/AppealsStatus.read
  description: Status of appeals and decision reviews
  flows:
  - authorizationCode
  sources:
  - openapi/va-gov-appeals-status-v1-openapi.json
- scope: representative/LegacyAppeals.read
  description: Legacy appeals info
  flows:
  - authorizationCode
  sources:
  - openapi/va-gov-legacy-appeals-v0-openapi.json
- scope: service_history.read
  description: Retrieve Service History
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/va-gov-veteran-verification-v2-openapi.json
- scope: status_restricted.read
  description: For approved federal consumers, confirm the Veteran status of an individual using
    Social Security number and demographic information.
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/va-gov-veteran-verification-v2-openapi.json
- scope: system.loan-review.write
  description: Transmit loan review documents
  flows:
  - clientCredentials
  sources:
  - openapi/va-gov-loan-review-v1-openapi.json
- scope: system/526-pdf.override
  sources:
  - openapi/va-gov-benefits-claims-v2-openapi.json
- scope: system/526.override
  sources:
  - openapi/va-gov-benefits-claims-v2-openapi.json
- scope: system/AppealableIssues.read
  description: Appealable issues info
  flows:
  - clientCredentials
  sources:
  - openapi/va-gov-appealable-issues-v0-openapi.json
- scope: system/AppealsStatus.read
  description: Status of appeals and decision reviews
  flows:
  - clientCredentials
  sources:
  - openapi/va-gov-appeals-status-v1-openapi.json
- scope: system/LegacyAppeals.read
  description: Legacy appeals info
  flows:
  - clientCredentials
  sources:
  - openapi/va-gov-legacy-appeals-v0-openapi.json
- scope: system/claim.read
  description: Retrieve claim data
  flows:
  - authorizationCode
  sources:
  - openapi/va-gov-benefits-claims-v2-openapi.json
- scope: system/claim.write
  description: Submit claim data
  flows:
  - authorizationCode
  sources:
  - openapi/va-gov-benefits-claims-v2-openapi.json
- scope: veteran/AppealableIssues.read
  description: Appealable issues info
  flows:
  - authorizationCode
  sources:
  - openapi/va-gov-appealable-issues-v0-openapi.json
- scope: veteran/AppealsStatus.read
  description: Status of appeals and decision reviews
  flows:
  - authorizationCode
  sources:
  - openapi/va-gov-appeals-status-v1-openapi.json
- scope: veteran/LegacyAppeals.read
  description: Legacy appeals info
  flows:
  - authorizationCode
  sources:
  - openapi/va-gov-legacy-appeals-v0-openapi.json
- scope: veteran_status.read
  description: Retrieve Veteran Status
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/va-gov-veteran-verification-v2-openapi.json