generated: '2026-07-11' method: searched source: openapi/fulfil-io-openapi.yml docs: https://developers.fulfil.io/rest_api/oauth/ note: Fulfil documents an OAuth 2.0 authorization code flow with scopes passed as a comma-separated list, but does not publish a complete public scopes reference - the current OAuth docs (https://developers.fulfil.io/rest_api/oauth/) redirect to a workspace login; only the scopes shown in the official OAuth guide (archived) and the official fulfil-python-api client examples are recorded here, which follow a model:permission pattern (e.g. sale.channel:read) plus offline_access as an access_type for offline tokens. schemes: - name: oauth2 source: openapi/fulfil-io-openapi.yml flows: - flow: authorizationCode authorizationUrl: https://{merchant_id}.fulfil.io/oauth/authorize tokenUrl: https://{merchant_id}.fulfil.io/oauth/token description: OAuth 2.0 authorization code flow for public apps. scopes: - scope: user_session description: Grants an API session acting on behalf of the authorizing user; shown as the granted scope in the OAuth token response example in Fulfil's official OAuth guide and used in the official Python client's OAuth session example. sources: - https://web.archive.org/web/20190308042755/http://developers.fulfil.io/getting-started/oauth2.html - https://github.com/fulfilio/fulfil-python-api - scope: sale.channel:read description: Read access to the sale.channel model; used in Fulfil's official headless offline-access example, illustrating the model:permission scope pattern Fulfil uses for granting access to individual ERP models. sources: - https://web.archive.org/web/20190308042755/http://developers.fulfil.io/getting-started/oauth2.html