OAuth Scopes for Agent Tools

Status: public · Confidence: medium (0.865) · Basis: verified_sources

## TL;DR

OAuth scopes bound what a token issued to an agent tool can do, so the permission boundary is declared and consented to before the agent acts on an external service.

## Core Explanation

An agent should not receive a broad token when a narrower scope suffices for the task. Scope selection matters because the risk to the user differs sharply between a tool that can only read a calendar and one that can edit files, send email, or delete resources.

A robust agent platform maps user intent to scopes, requests explicit consent, records which tool call used which token, and refuses actions that require scopes the user did not grant.
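One way to implement the four steps above, as an added example that is not code from the original page or from any real agent platform. The tool names, the scope strings, and the `Token` type are hypothetical; real scope names come from the provider. The scope-string parsing follows RFC 6749 §3.3 (space-delimited, case-sensitive).

```python
"""Scope gate for agent tool calls.

Added example, not code from the original page or any real agent platform.
Tool names, scope strings and the Token type are hypothetical.
"""
from __future__ import annotations

from dataclasses import dataclass, field
from typing import Callable

# Hypothetical registry: each tool lists the narrowest scope set that lets it run.
# Real scope strings come from the provider (GitHub, Google, ...).
TOOL_SCOPES: dict[str, frozenset[str]] = {
    "calendar.list_events": frozenset({"calendar.readonly"}),
    "calendar.create_event": frozenset({"calendar.events"}),
    "mail.send": frozenset({"mail.send"}),
    "drive.delete_file": frozenset({"drive"}),
}


class ScopeDenied(PermissionError):
    """The tool call needs a scope the user did not grant."""


def parse_scope(scope: str) -> frozenset[str]:
    """Parse an OAuth 2.0 scope string: space-delimited, case-sensitive (RFC 6749 s3.3)."""
    return frozenset(part for part in scope.split(" ") if part)


def scopes_for_plan(tools: list[str]) -> str:
    """Map a planned tool sequence to the scope string for the consent request.

    Only the union of what the planned tools need is requested, nothing broader.
    """
    needed: set[str] = set()
    for tool in tools:
        if tool not in TOOL_SCOPES:
            raise KeyError(f"unregistered tool: {tool}")
        needed |= TOOL_SCOPES[tool]
    return " ".join(sorted(needed))


@dataclass(frozen=True)
class Token:
    token_id: str            # opaque reference used in audit records
    secret: str              # the bearer value; never written to the log
    granted: frozenset[str]  # scopes the user actually consented to


@dataclass
class ScopeGate:
    """Refuses tool calls whose required scopes exceed the grant; logs every decision."""
    audit: list[dict] = field(default_factory=list)

    def missing_scopes(self, tool: str, token: Token) -> frozenset[str]:
        return TOOL_SCOPES[tool] - token.granted

    def call(self, tool: str, token: Token, fn: Callable, *args):
        missing = self.missing_scopes(tool, token)
        record = {
            "tool": tool,
            "token_id": token.token_id,
            "decision": "denied" if missing else "allowed",
            "missing": sorted(missing),
        }
        self.audit.append(record)  # record which call used which token, before acting
        if missing:
            raise ScopeDenied(
                f"{tool} needs {sorted(missing)}; user granted {sorted(token.granted)}"
            )
        return fn(token.secret, *args)


def demo() -> tuple[str, list[dict]]:
    # The agent plans a read-only task, so consent asks for the read-only scope only.
    requested = scopes_for_plan(["calendar.list_events"])
    # Constructed consent result: the user granted exactly what was requested.
    token = Token(token_id="tok-001", secret="s3cr3t", granted=parse_scope(requested))
    gate = ScopeGate()
    gate.call("calendar.list_events", token, lambda secret: ["standup 09:00"])
    try:
        # Later the agent is steered into sending mail; this token cannot do that.
        gate.call("mail.send", token, lambda secret, to: f"sent to {to}", "attacker@example.com")
    except ScopeDenied:
        pass
    return requested, gate.audit
```

The gate checks scopes on every call rather than only at authorization time, so a later instruction to call `mail.send` with a calendar-only token is refused, and the refusal is recorded against the token id rather than the bearer secret.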

## Source-Mapped Facts

- RFC 6749 says the value of the scope parameter is a list of space-delimited, case-sensitive strings, with the strings themselves defined by the authorization server. ([source](https://datatracker.ietf.org/doc/html/rfc6749#section-3.3))
- GitHub OAuth app documentation says scopes specify the type of access needed and limit access for OAuth tokens. ([source](https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/scopes-for-oauth-apps))
- Google OAuth scope documentation says scopes are requested depending on the level of access needed and that sensitive scopes require review. ([source](https://developers.google.com/identity/protocols/oauth2/scopes))

## Further Reading

- [RFC 6749 scope parameter](https://datatracker.ietf.org/doc/html/rfc6749#section-3.3)
- [GitHub OAuth app scopes](https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/scopes-for-oauth-apps)
- [Google OAuth scopes](https://developers.google.com/identity/protocols/oauth2/scopes)