--- title: Get an OAuth2 client scopes restriction description: Datadog, the leading service for cloud-scale monitoring. breadcrumbs: Docs > API Reference > OAuth2 Client Public --- # Get an OAuth2 client scopes restriction{% #get-an-oauth2-client-scopes-restriction %} Copy pageCopied {% tab title="v2" %} **Note**: This endpoint is in preview and is subject to change. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/). | Datadog site | API endpoint | | ----------------- | ---------------------------------------------------------------------------------------- | | ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/oauth2/clients/{client_uuid}/scopes_restriction | | ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/oauth2/clients/{client_uuid}/scopes_restriction | | app.datadoghq.eu | GET https://api.datadoghq.eu/api/v2/oauth2/clients/{client_uuid}/scopes_restriction | | app.ddog-gov.com | GET https://api.ddog-gov.com/api/v2/oauth2/clients/{client_uuid}/scopes_restriction | | us2.ddog-gov.com | GET https://api.us2.ddog-gov.com/api/v2/oauth2/clients/{client_uuid}/scopes_restriction | | app.datadoghq.com | GET https://api.datadoghq.com/api/v2/oauth2/clients/{client_uuid}/scopes_restriction | | us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/oauth2/clients/{client_uuid}/scopes_restriction | | us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/oauth2/clients/{client_uuid}/scopes_restriction | ### Overview Get the scopes restriction configured for the OAuth2 client. This endpoint requires the `org_authorized_apps_read` permission. ### Arguments #### Path Parameters | Name | Type | Description | | ----------------------------- | ------ | -------------------------- | | client_uuid [*required*] | string | UUID of the OAuth2 client. | ### Response {% tab title="200" %} OK {% tab title="Model" %} Response payload describing the scopes restriction of an OAuth2 client. | Parent field | Field | Type | Description | | ------------------ | -------------------------------------------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------- | | | data [*required*] | object | Data object of an OAuth2 client scopes restriction response. | | data | attributes [*required*] | object | Attributes of an OAuth2 client scopes restriction. | | attributes | required_permission_scopes [*required*] | [string] | Permission scopes automatically required for this client (for example, mobile-app permission scopes). Returns `null` when no scopes are required. | | attributes | scopes_restriction [*required*] | object | Allowlist of OIDC and permission scopes enforced for the OAuth2 client. | | scopes_restriction | oidc_scopes [*required*] | [string] | OIDC scopes the client is restricted to. | | scopes_restriction | permission_scopes [*required*] | [string] | Datadog permission scopes the client is restricted to. | | data | id [*required*] | uuid | UUID of the OAuth2 client this restriction applies to. | | data | type [*required*] | enum | JSON:API resource type for an OAuth2 client scopes restriction. Allowed enum values: `scopes_restriction` | {% /tab %} {% tab title="Example" %} ```json { "data": { "attributes": { "required_permission_scopes": [ "mobile_app_access" ], "scopes_restriction": { "oidc_scopes": [ "openid", "email" ], "permission_scopes": [ "dashboards_read", "metrics_read" ] } }, "id": "fafa8e1c-36a5-11f0-a83d-da7ad0900001", "type": "scopes_restriction" } } ``` {% /tab %} {% /tab %} {% tab title="400" %} Bad Request {% tab title="Model" %} API error response. | Parent field | Field | Type | Description | | ------------ | ------------------------ | -------- | ------------------------------------------------------------------------------- | | | errors [*required*] | [object] | A list of errors. | | errors | detail | string | A human-readable explanation specific to this occurrence of the error. | | errors | meta | object | Non-standard meta-information about the error | | errors | source | object | References to the source of the error. | | source | header | string | A string indicating the name of a single request header which caused the error. | | source | parameter | string | A string indicating which URI query parameter caused the error. | | source | pointer | string | A JSON pointer to the value in the request document that caused the error. | | errors | status | string | Status code of the response. | | errors | title | string | Short human-readable summary of the error. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ { "detail": "Missing required attribute in body", "meta": {}, "source": { "header": "Authorization", "parameter": "limit", "pointer": "/data/attributes/title" }, "status": "400", "title": "Bad Request" } ] } ``` {% /tab %} {% /tab %} {% tab title="404" %} Not Found {% tab title="Model" %} API error response. | Parent field | Field | Type | Description | | ------------ | ------------------------ | -------- | ------------------------------------------------------------------------------- | | | errors [*required*] | [object] | A list of errors. | | errors | detail | string | A human-readable explanation specific to this occurrence of the error. | | errors | meta | object | Non-standard meta-information about the error | | errors | source | object | References to the source of the error. | | source | header | string | A string indicating the name of a single request header which caused the error. | | source | parameter | string | A string indicating which URI query parameter caused the error. | | source | pointer | string | A JSON pointer to the value in the request document that caused the error. | | errors | status | string | Status code of the response. | | errors | title | string | Short human-readable summary of the error. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ { "detail": "Missing required attribute in body", "meta": {}, "source": { "header": "Authorization", "parameter": "limit", "pointer": "/data/attributes/title" }, "status": "400", "title": "Bad Request" } ] } ``` {% /tab %} {% /tab %} {% tab title="429" %} Too many requests {% tab title="Model" %} API error response. | Field | Type | Description | | ------------------------ | -------- | ----------------- | | errors [*required*] | [string] | A list of errors. | {% /tab %} {% tab title="Example" %} ```json { "errors": [ "Bad Request" ] } ``` {% /tab %} {% /tab %} ### Code Example ##### \# Path parameters export client_uuid="fafa8e1c-36a5-11f0-a83d-da7ad0900001" \# Curl command curl -X GET "https://api.datadoghq.com/api/v2/oauth2/clients/${client_uuid}/scopes_restriction" \ -H "Accept: application/json" \ -H "DD-API-KEY: ${DD_API_KEY}" \ -H "DD-APPLICATION-KEY: ${DD_APP_KEY}" {% /tab %}