Zocdoc · OAuth Scopes

Zocdoc OAuth Scopes

OAuth 2.0 derived

Zocdoc publishes 6 OAuth 2.0 scopes via the clientCredentials and authorizationCode flows. Scopes are the fine-grained permissions an application requests at authorization time to act against the Zocdoc API on a user’s behalf.

Tokens are issued from https://auth.zocdoc.com/oauth/token.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

HealthcareAppointmentsBookingProvidersInsuranceTelehealthScheduling
Scopes: 6 Flows: clientCredentials, authorizationCode Method: derived

OAuth endpoints

Authorization URL
https://auth.zocdoc.com/authorize
Token URL
https://auth.zocdoc.com/oauth/token
Flows
clientCredentialsauthorizationCode

Scopes (6)

ScopeDescriptionFlows
external.anonymous_token.write Create anonymous tokens used for discovery endpoints. clientCredentials
external.appointment.read Read basic details of your appointments. authorizationCode, clientCredentials
external.appointment.write Book and modify appointments. authorizationCode, clientCredentials
external.credential.rotate Rotate the authenticated client secret. clientCredentials
external.provider_insurance.write Update the insurance accepted by a provider. clientCredentials
external.schedulable_entity.read Read schedulable entities. authorizationCode, clientCredentials

Source

OAuth Scopes

zocdoc-scopes.yml Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/zocdoc-zocdoc-api-openapi.yml
schemes:
- name: ClientCredentialsFlow
  source: openapi/zocdoc-zocdoc-api-openapi.yml
  flows:
  - flow: clientCredentials
    tokenUrl: https://auth.zocdoc.com/oauth/token
  description: |-
    Machine to machine authentication (for use from client server to Zocdoc).
    Production: `https://auth.zocdoc.com/oauth/token`
    Sandbox: `https://auth-api-developer-sandbox.zocdoc.com/oauth/token`
- name: AuthorizationCodeFlow
  source: openapi/zocdoc-zocdoc-api-openapi.yml
  flows:
  - flow: authorizationCode
    authorizationUrl: https://auth.zocdoc.com/authorize
    tokenUrl: https://auth.zocdoc.com/oauth/token
  description: |-
    Log in as a user. Client Secret is not necessary for this login flow.
    Production: `https://auth.zocdoc.com`
    Sandbox: `https://auth-api-developer-sandbox.zocdoc.com`
scopes:
- scope: external.anonymous_token.write
  description: Create anonymous tokens used for discovery endpoints.
  flows:
  - clientCredentials
  sources:
  - openapi/zocdoc-zocdoc-api-openapi.yml
- scope: external.appointment.read
  description: Read basic details of your appointments.
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/zocdoc-zocdoc-api-openapi.yml
- scope: external.appointment.write
  description: Book and modify appointments.
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/zocdoc-zocdoc-api-openapi.yml
- scope: external.credential.rotate
  description: Rotate the authenticated client secret.
  flows:
  - clientCredentials
  sources:
  - openapi/zocdoc-zocdoc-api-openapi.yml
- scope: external.provider_insurance.write
  description: Update the insurance accepted by a provider.
  flows:
  - clientCredentials
  sources:
  - openapi/zocdoc-zocdoc-api-openapi.yml
- scope: external.schedulable_entity.read
  description: Read schedulable entities.
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/zocdoc-zocdoc-api-openapi.yml