Vanta · OAuth Scopes

Vanta OAuth Scopes

OAuth 2.0 derived

Vanta publishes 8 OAuth 2.0 scopes via the clientCredentials flow. Scopes are the fine-grained permissions an application requests at authorization time to act against the Vanta API on a user’s behalf.

Tokens are issued from https://api.vanta.com/oauth/token.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

CybersecurityComplianceSecurityGovernanceRisk Management
Scopes: 8 Flows: clientCredentials Method: derived

OAuth endpoints

Token URL
https://api.vanta.com/oauth/token
Flows
clientCredentials

Scopes (8)

ScopeDescriptionFlows
auditor-api.audit:read Grant read-only access to your audits clientCredentials
auditor-api.audit:write Grant read-write access to your audits clientCredentials
auditor-api.auditor:read Grant read-only access to your auditors clientCredentials
auditor-api.auditor:write Grant read-write access to your auditors clientCredentials
connectors.self:read-resource Read connector resources clientCredentials
connectors.self:write-resource Write connector resources clientCredentials
vanta.read Read access to Vanta data clientCredentials
vanta.write Write access to Vanta data clientCredentials

Source

OAuth Scopes

vanta-scopes.yml Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/vanta-auditor-openapi.yml, openapi/vanta-openapi.yml
schemes:
- name: oauth
  source: openapi/vanta-auditor-openapi.yml
  flows:
  - flow: clientCredentials
    tokenUrl: https://api.vanta.com/oauth/token
  description: Get an oauth token from the token url and use it as a bearer token to access
    the Vanta API.
- name: OAuth2
  source: openapi/vanta-openapi.yml
  flows:
  - flow: clientCredentials
    tokenUrl: https://api.vanta.com/oauth/token
scopes:
- scope: auditor-api.audit:read
  description: Grant read-only access to your audits
  flows:
  - clientCredentials
  sources:
  - openapi/vanta-auditor-openapi.yml
  - openapi/vanta-openapi.yml
- scope: auditor-api.audit:write
  description: Grant read-write access to your audits
  flows:
  - clientCredentials
  sources:
  - openapi/vanta-auditor-openapi.yml
- scope: auditor-api.auditor:read
  description: Grant read-only access to your auditors
  flows:
  - clientCredentials
  sources:
  - openapi/vanta-auditor-openapi.yml
  - openapi/vanta-openapi.yml
- scope: auditor-api.auditor:write
  description: Grant read-write access to your auditors
  flows:
  - clientCredentials
  sources:
  - openapi/vanta-auditor-openapi.yml
- scope: connectors.self:read-resource
  description: Read connector resources
  flows:
  - clientCredentials
  sources:
  - openapi/vanta-openapi.yml
- scope: connectors.self:write-resource
  description: Write connector resources
  flows:
  - clientCredentials
  sources:
  - openapi/vanta-openapi.yml
- scope: vanta.read
  description: Read access to Vanta data
  flows:
  - clientCredentials
  sources:
  - openapi/vanta-openapi.yml
- scope: vanta.write
  description: Write access to Vanta data
  flows:
  - clientCredentials
  sources:
  - openapi/vanta-openapi.yml