Sunday 05 July 2026 00:35:25 GMT+02:00

Netcrook


WIKICROOK

Token Scope

The set of permissions attached to a token, which determines how much access a leaked token can provide.

Token scope is the set of permissions attached to an authentication token. It defines what the token can do, such as reading repositories, writing files, calling APIs, or accessing private data. A token with broad scope behaves like a powerful key; a token with narrow scope limits access to only the tasks it needs.

In cyber security, scope is critical because a leaked token is only as dangerous as the permissions it carries. Attackers often search for tokens that are long-lived or carry overbroad scopes, since those can unlock more systems after a compromise. Defenders reduce risk by following least privilege, using fine-grained tokens, shortening token lifetimes, and revoking credentials quickly when exposure is suspected. Reviewing scope before issuing or storing tokens is one of the simplest ways to shrink the blast radius of a leak.
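The scope review described above can be automated. The following is an added example, not part of the original entry: it reads a token's granted scopes and lifetime and reports anything beyond what the task needs. It assumes the token is a JWT carrying the space-delimited `scope` claim (RFC 8693) plus `iat` and `exp`; the scope names, sample tokens and function names are constructed for illustration.

```python
import base64
import json


def _b64url(obj):
    """Encode a dict as an unpadded base64url JSON segment (used to build the samples)."""
    raw = json.dumps(obj, separators=(",", ":")).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def make_sample_jwt(claims):
    """Build an unsigned, constructed JWT so the example runs offline."""
    return ".".join([_b64url({"alg": "none", "typ": "JWT"}), _b64url(claims), ""])


def decode_claims(jwt):
    """Read the payload claims. No signature check: this is an inventory audit, not authentication."""
    payload = jwt.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64 padding
    return json.loads(base64.urlsafe_b64decode(payload))


def audit_token(jwt, required_scopes, max_lifetime_s):
    """Return findings: scopes beyond what the task needs, and missing or excessive lifetime."""
    claims = decode_claims(jwt)
    granted = set(claims.get("scope", "").split())  # space-delimited, per RFC 8693
    findings = {}
    excess = granted - set(required_scopes)
    if excess:
        findings["excess_scope"] = sorted(excess)
    if "exp" not in claims:
        findings["no_expiry"] = True  # token never expires on its own
    elif "iat" in claims and claims["exp"] - claims["iat"] > max_lifetime_s:
        findings["lifetime_s"] = claims["exp"] - claims["iat"]
    return findings


# Constructed samples; scope names are hypothetical, not any provider's real scopes.
BROAD = make_sample_jwt({"scope": "repo.read repo.write org.admin",
                         "iat": 1700000000, "exp": 1700000000 + 90 * 86400})
NARROW = make_sample_jwt({"scope": "repo.read",
                          "iat": 1700000000, "exp": 1700000000 + 900})

if __name__ == "__main__":
    for name, tok in (("broad", BROAD), ("narrow", NARROW)):
        print(name, audit_token(tok, {"repo.read"}, max_lifetime_s=3600))
```

Opaque (non-JWT) tokens cannot be inspected this way; their scope has to be looked up at the issuer instead.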
