All OAuth 2.0 clients and access tokens have a scope that restricts the clients' access to the endpoints. Depending on the scope granted, a client can have read or write access to an endpoint. You can define scopes when creating an API Client using the [Merchant Center](https://docs.commercetools.com/merchant-center/developer-settings.md#api-clients) or through the [API Clients API](https://docs.commercetools.com/api/projects/api-clients.md). When creating a client or requesting an access token, only provide scopes required by your application. If you do not provide a scope, the access token is granted to all the scopes defined for the API Client. When requesting an OAuth 2.0 access token, the scope parameter can be omitted. # Available Scopes ## Checkout Sessions - `view_sessions:{projectKey}`: grants permission to read a [Checkout Session](https://docs.commercetools.com/checkout/installing-checkout.md#create-checkout-sessions) information to interact with Checkout; for example, it is required for [Connectors](https://docs.commercetools.com/checkout/connectors-and-applications.md#connectors) to interact with Checkout. - `manage_sessions:{projectKey}`: grants permission to create a [Checkout Session](https://docs.commercetools.com/checkout/installing-checkout.md#create-checkout-sessions) using the Session API. ## Applications - `view_checkout_applications:{projectKey}`: grants permission to view [Applications](https://docs.commercetools.com/checkout/applications-api.md) belonging to a Project. - `manage_checkout_applications:{projectKey}`: grants permission to view, create, update, and delete [Applications](https://docs.commercetools.com/checkout/applications-api.md) belonging to a Project. ## Payment Integrations - `view_checkout_payment_integrations:{projectKey}`: grants permission to view [Payment Integrations](https://docs.commercetools.com/checkout/payment-integrations-api.md) integrated into a checkout application. - `manage_checkout_payment_integrations:{projectKey}`: grants permission to view, create, update, and delete [Payment Integrations](https://docs.commercetools.com/checkout/payment-integrations-api.md) integrated into a checkout application. ## Payment Intents - `manage_checkout_payment_intents:{projectKey}`: grants permission to capture, refund, reverse, or cancel payments made through a payment service provider (PSP) or a gift card service provider. ## Transactions - `view_checkout_transactions:{projectKey}`: grants permission to view [Transactions](https://docs.commercetools.com/checkout/transactions-api.md) created during payment processing with checkout. - `manage_checkout_transactions:{projectKey}`: grants permission to create [Transactions](https://docs.commercetools.com/checkout/transactions-api.md) during payment processing with checkout.