doorkeeper
Search…
Doorkeeper Guides
Ruby on Rails
Getting Started
Routes
Configuration
Scopes
Securing the API
API Mode
PKCE Flow
Polymorphic Resource Owner
Grape
Grape
ORMs
Active Record
MongoDB
Sequel
Couchbase
Internals
Database Design
Internationalization (i18n)
Rake
Testing
Upgrading
Creating extensions
Concepts
Application
Resource Owner
Access Grant
Access Token
Security
Token and Application Secrets
Configuration
Models
Scopes
Skip Authorization
Other Configurations
Route Constraints and other integrations
Powered By GitBook
Scopes

Access Token Scopes

You can also require the access token to have specific scopes in certain actions:
First configure the scopes in initializers/doorkeeper.rb
1
Doorkeeper.configure do
2
default_scopes :public # if no scope was requested, this will be the default
3
optional_scopes :admin, :write
4
end
Copied!
And in your controllers:
1
class Api::V1::ProductsController < Api::V1::ApiController
2
before_action -> { doorkeeper_authorize! :public }, only: :index
3
before_action only: [:create, :update, :destroy] do
4
doorkeeper_authorize! :admin, :write
5
end
6
end
Copied!
Please note that there is a logical OR between multiple required scopes. In the above example, doorkeeper_authorize! :admin, :write means that the access token is required to have either :admin scope or :write scope, but does not need to have both of them.
If you want to require the access token to have multiple scopes at the same time, use multiple doorkeeper_authorize!, for example:
1
class Api::V1::ProductsController < Api::V1::ApiController
2
before_action -> { doorkeeper_authorize! :public }, only: :index
3
before_action only: [:create, :update, :destroy] do
4
doorkeeper_authorize! :admin
5
doorkeeper_authorize! :write
6
end
7
end
Copied!
In the above example, a client can call :create action only if its access token has both :admin and :write scopes.
Configuration - Previous
Models
Next - Configuration
Skip Authorization
Last modified 3yr ago
Copy link