Scopes
What are Scopes?
Scopes are like permissions that control what your app can do when users connect it to their Fanvue account using OAuth 2.0. Think of them as specific access levels that determine which resources your application can read from or write to.
When you create your OAuth app, you’ll specify which scopes you need based on what your app does. This ensures your application only has access to the data and features it actually needs, following the principle of least privilege for better security.
To learn more about OAuth 2.0 and how to set up your app, check out our OAuth Tutorial.
How Scopes Work
- Permission Control: Each scope grants access to specific resources and actions
- Request Validation: Every API request checks if your access token has the required scopes
- Error Handling: Requests without sufficient scopes return a 403 Forbidden error
- App Configuration: Scopes are set when you create your OAuth app and determine what permissions users can grant
Available Scopes
The following table lists all available scopes organized by resource:
Scope Descriptions
read:self
Access your own user profile information, including basic account details and settings.
read:chat
Read chat conversations, messages, and chat-related data. This includes viewing chat lists and message history.
write:chat
Create new chats and send messages. This scope is required for any chat-related actions that modify data.
read:fan
Access fan-related data and information within the platform.
read:creator
Access creator profiles, content, and creator-specific information.
write:creator
Modify creator profiles, settings, and creator-specific data.
read:media
Access media files, images, videos, and other content assets.
write:media
Upload, modify, and manage media files and content assets.
write:post
Create, edit, and manage posts and content on behalf of users.
read:insights
Access analytics, metrics, and insights data for performance tracking.
Setting Up Scopes
When creating your OAuth app, you’ll configure which scopes your app can request:
- Choose the scopes your app actually needs
- Follow the principle of least privilege - only request what’s necessary
- Consider your users - they’ll see what permissions you’re asking for
Users will then grant (or deny) these specific permissions when they connect your app to their account. For the complete setup process, see our OAuth Tutorial.
Error Handling
If your access token doesn’t have the required scopes for a request, you’ll receive:
This response comes with a 403 Forbidden HTTP status code. Make sure your app requests all necessary scopes and that users have granted them.
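The following is an added example, not code from Fanvue: a pre-flight audit that compares the scopes an app needs, the scopes it is configured to request, and the scopes a user actually granted, so over-privileged configuration and calls that will return 403 Forbidden show up before any request is sent. The scope names come from this page; the feature names and the feature-to-scope mapping are hypothetical. It assumes granted scopes arrive as a space-delimited string (the OAuth 2.0 convention) and that a write scope does not imply the matching read scope.

```python
# Scope names are taken from this page; everything else is illustrative.
KNOWN_SCOPES = frozenset({
    "read:self", "read:chat", "write:chat", "read:fan", "read:creator",
    "write:creator", "read:media", "write:media", "write:post",
    "read:insights",
})

# Hypothetical app features and the scopes each one needs.
FEATURE_SCOPES = {
    "show_profile": {"read:self"},
    "inbox_viewer": {"read:chat"},
    "auto_reply": {"read:chat", "write:chat"},
    "stats_dashboard": {"read:insights"},
}


def parse_scope_string(scope):
    """Split a space-delimited OAuth 2.0 scope string (RFC 6749, section 3.3)."""
    return set(scope.split())


def required_scopes(features):
    """Union of the scopes needed by the enabled features."""
    return set().union(*(FEATURE_SCOPES[f] for f in features))


def audit_scopes(features, configured, granted_scope_string):
    """Compare needed, configured and granted scopes for one connected user."""
    needed = required_scopes(features)
    configured = set(configured)
    granted = parse_scope_string(granted_scope_string)
    return {
        "unknown": sorted(configured - KNOWN_SCOPES),  # typos in app config
        "excess": sorted(configured - needed),         # breaks least privilege
        "not_granted": sorted(needed - granted),       # these calls would 403
        "blocked_features": sorted(
            f for f in features if not FEATURE_SCOPES[f] <= granted
        ),
    }


if __name__ == "__main__":
    # Constructed sample: the app asks for more than it uses, and the
    # grant covers less than the app needs.
    print(audit_scopes(
        ["show_profile", "auto_reply"],
        ["read:self", "read:chat", "write:chat", "write:media", "read:chats"],
        "read:self read:chat",
    ))
```

An empty "excess" list means the configuration matches what the app uses; a non-empty "not_granted" list means those features should be disabled or the user asked to reconnect before the calls are attempted.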