Zeplin · OAuth Scopes

Zeplin OAuth Scopes

OAuth 2.0 derived

Zeplin uses OAuth 2.0 but publishes no discrete scopes — access is governed by the grant itself (e.g. client-credentials or role-based authorization) rather than per-scope consent.

Tokens are issued from /v1/oauth/token.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

DesignDesign HandoffDeveloper ToolsFigmaSketchAdobe XDStyle GuidesComponentsAssetsWebhooks
Scopes: 0 Flows: authorizationCode Method: derived

OAuth endpoints

Authorization URL
/v1/oauth/authorize
Token URL
/v1/oauth/token
Flows
authorizationCode

Scopes (0)

Zeplin implements OAuth 2.0 but publishes no discrete scopes — access is governed by the grant itself (client-credentials or role-based authorization) rather than per-scope consent.

Zeplin's OAuth 2.0 (authorization code with PKCE) does not use or document granular scopes; the authorize endpoint accepts no scope parameter and authorized apps get broad read/write access on behalf of the user (https://docs.zeplin.dev/reference/authentication).

Source

OAuth Scopes

zeplin-scopes.yml Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/zeplin-zeplin-api-openapi.yml
docs: https://docs.zeplin.dev/reference/authentication
note: Zeplin's OAuth 2.0 (authorization code with PKCE) does not use or document
  granular scopes; the authorize endpoint accepts no scope parameter and authorized
  apps get broad read/write access on behalf of the user
  (https://docs.zeplin.dev/reference/authentication).
schemes:
- name: OAuth2
  source: openapi/zeplin-zeplin-api-openapi.yml
  flows:
  - flow: authorizationCode
    authorizationUrl: /v1/oauth/authorize
    tokenUrl: /v1/oauth/token
scopes: []