# OAuth2

The Bare Bitcoin API has (limited) support for OAuth2, allowing
users to grant 3rd party applications access to their account, without having to set up API keys.

## Registering your application

Before integrating the Bare Bitcoin API using OAuth2, you need to register
your application by setting up an OAuth2 client. This is currently a manual
process. Reach out to hei@barebitcoin.no if this is of interest to you!

## URLs

* **Authorize URL**: `https://barebitcoin.no/rest/oauth2/v0/authorize`
* **Token URL**: `https://barebitcoin.no/rest/oauth2/v0/token`
* **Verify URL**: `https://barebitcoin.no/rest/oauth2/v0/verify`


## Scopes

We currently offer a very limited set of scopes when using OAuth2. As of November 2025, only a
single scope is available: `api:accounts:bitcoin:read`. This lets you read bitcoin accounts
(name, balance). No transaction data!