OAuth Scopes

Scopes define the level of access your application requests from users. Only request the scopes your application needs.

Quick Reference

Auto-granted scopes

Granted automatically when user authorizes

Approval required

May require admin approval for your app

Loading scopes...

Using Scopes

Request scopes by including them in your authorization URL, separated by spaces:

https://velora.tv/oauth/authorize?
  client_id=YOUR_CLIENT_ID
  &redirect_uri=https://yourapp.com/callback
  &response_type=code
  &scope=user:read stream:read chat:write
  &state=RANDOM_STATE
  &code_challenge=YOUR_CODE_CHALLENGE
  &code_challenge_method=S256

Best Practices

1.
Request minimum necessary scopes

Only request the scopes your application actually needs. Users are more likely to trust and authorize apps with fewer permissions.

2.
Explain why you need each scope

In your app's description and during authorization, clearly explain what each permission is used for.

3.
Use incremental authorization

Request basic scopes initially, then request additional scopes when features that need them are accessed.

4.
Handle scope denial gracefully

Users can deny specific scopes. Your app should handle reduced permissions without crashing.

Common Use Cases

📺Streaming Software (OBS, Meld Studio)

For apps that need to configure and start streams on behalf of the user.

stream:keystream:readstream:writeuser:read

🤖Chat Bot (Streamer.bot, Firebot)

For apps that read and respond to chat messages.

chat:readchat:writeuser:readchannel:points:read

📊Analytics Dashboard

For apps that display viewer stats, followers, and subscriber information.

user:readstream:readfollowers:readsubscriptions:read

🛡️Moderation Tool

For apps that help moderate chat and manage channel settings.

chat:readchat:moderatechannel:readuser:read

Next Steps

Authentication →

Learn how to implement OAuth 2.0 with PKCE

Streaming Software Guide →

Integrate with OBS, Meld Studio, and more