Different scopes can be used when making requests to the API Authorization Service to obtain an access token. A scope defines what endpoints and/or what response resources an access token grants access to.
Each scope requires an appropriately “fresh” FTSession_s cookie, that represents a ft.com user’s session as described below. If an authorization request is made for a certain scope, without an appropriately fresh FTSession_s cookie, then the default scope that can be granted with the given FTSession_s cookie is returned.
Scope |
Required FTSession_s freshness |
Endpoint access granted to |
profile_max | <= 30 minutes old |
GET /users/{userId}/profile/full GET /users/{userId}/profile/basic |
profile_min | <= 180 days old | GET /users/{userId}/profile/basic |
profile_dem | <= 180 days old | GET /users/{userId}/profile/demographics |
licence_data | <= 1 day old |