Authentication Scope

You can make authenticated API calls by passing an oauth_token parameter to any method. The mechanism for obtaining a token on behalf of a user is explained here.

Each token has a set of 'scopes' attached to it, determining which methods you will be able to call. A scope represents a set of actions that a user has allowed you to perform on their behalf. The API explorer will let you call methods with differently scoped tokens for testing.

The lowest scope is identity which is used for simple login representation. Beyond that is the read scope, which allows you to fetch state information about the player. The final regular scope is write, which allows you to make modifications to a player. The read scope implicitly includes the identity scope, while the write scope implicitly includes read. Asking for write is the same as asking for identity,read,write.

Applications should always ask for the lowest scope that they can manage with - don't ask for write "just in case". You can always request expanded scope later, with a subsequent auth request.

Methods by Scope