OAuth 2.1 scopes and per-tool access control in ComplyHat

ComplyHat uses OAuth 2.1 with Dynamic Client Registration and enforces scopes on every tool call. When your host completes the OAuth flow, it requests the scopes it needs; ComplyHat rejects any tool call that lacks the required scope with 401 Unauthorized. Most hosts request all needed scopes at registration time, so you typically see a single consent screen listing every permission your host requires for the tools you plan to use.

See authentication for the full OAuth 2.1 flow — how your host discovers the authorization server, registers itself via Dynamic Client Registration, and exchanges an authorization code for a bearer token.

Scope reference

The Protected Resource Metadata document at https://complyhat.ai/.well-known/oauth-protected-resource advertises the following scopes.

Scope	What it grants
`mcp`	Catch-all scope required by some hosts that do not parse fine-grained scopes. Grants access to the MCP endpoint but does not substitute for individual resource scopes during enforcement.
`models:read`	List and inspect registered models. Required by `models` (list, get), `model_cards` (list, get), `reports` (list, get, get_pdf_url).
`models:write`	Register and update models. Required by `models` (register, update), `model_cards` (create, update), `reports` (generate).
`bias-test:read`	List bias tests, schedules, and results. Required by `bias_tests` (list, get, list_schedules).
`bias-test:write`	Run bias tests and create schedules. Required by `bias_tests` (run, create_schedule).
`drift:read`	Read drift monitors, snapshots, and alerts. Required by `drift` (monitors_list, monitors_status, alerts_list_by_model, snapshots_list).
`drift:write`	Create monitors and submit snapshots. Required by `drift` (monitors_create, snapshots_submit).
`adversarial:read`	List and inspect adversarial findings. Required by `adversarial` (list_by_model, get).
`adversarial:write`	Submit adversarial findings. Required by `adversarial` (submit).
`explainability:read`	List explainability runs and read results. Required by `explainability` (list_by_model, get).
`explainability:write`	Trigger explainability runs. Required by `explainability` (run).
`audit:read`	Read the audit event log. Required by `audit_events` (list, get).
`audit:write`	Emit audit events from the host agent. Required by `audit_events` (emit).
`kg:read`	Read the per-tenant compliance wiki. Required by `wiki` (list, read, search, log_list).
`kg:write`	Write to the per-tenant compliance wiki. Required by `wiki` (write, link, draft_from_finding, lint, archive).
`frameworks:read`	Read framework status, gaps, obligations, and regulatory intelligence. Required by `frameworks` (status, gaps, check), `obligations` (list, get, list_by_model, assess), `reg_intel` (changes, deadlines, relevance, change_detail).

Tool-to-scope mapping

Use this table to determine which scopes to request for a given set of tools.

models

Mode	Required scope
`list`, `get`	`models:read`
`register`, `update`	`models:write`

model_cards

Mode	Required scope
`list`, `get`	`models:read`
`create`, `update`	`models:write`

reports

Mode	Required scope
`list`, `get`, `get_pdf_url`	`models:read`
`generate`	`models:write`

bias_tests

Mode	Required scope
`list`, `get`, `list_schedules`	`bias-test:read`
`run`, `create_schedule`	`bias-test:write`

drift

Mode	Required scope
`monitors_list`, `monitors_status`, `alerts_list_by_model`, `snapshots_list`	`drift:read`
`monitors_create`, `snapshots_submit`	`drift:write`

adversarial

Mode	Required scope
`list_by_model`, `get`	`adversarial:read`
`submit`	`adversarial:write`

explainability

Mode	Required scope
`list_by_model`, `get`	`explainability:read`
`run`	`explainability:write`

audit_events

Mode	Required scope
`list`, `get`	`audit:read`
`emit`	`audit:write`

wiki

Mode	Required scope
`list`, `read`, `search`, `log_list`	`kg:read`
`write`, `link`, `draft_from_finding`, `lint`, `archive`	`kg:write`

frameworks, obligations, reg_intel

Tool	Mode	Required scope
`frameworks`	`status`, `gaps`, `check`	`frameworks:read`
`obligations`	`list`, `get`, `list_by_model`, `assess`	`frameworks:read`
`reg_intel`	`changes`, `deadlines`, `relevance`, `change_detail`	`frameworks:read`

alerts, data_governance, guidance

Tool	Notes
`alerts`	Uses the catch-all `mcp` scope. No fine-grained scope is required beyond a valid bearer token.
`data_governance`	Uses the catch-all `mcp` scope.
`guidance`	Uses the catch-all `mcp` scope. Returns read-only skill and agent markdown.

Requesting scopes

Most MCP hosts request all scopes they need at client registration time. For example, a host that calls all 14 entity tools would request:

mcp models:read models:write bias-test:read bias-test:write drift:read drift:write
adversarial:read adversarial:write explainability:read explainability:write
audit:read audit:write kg:read kg:write frameworks:read

You can narrow the list to only what your workflow requires. A read-only audit review host, for instance, might request only models:read audit:read kg:read frameworks:read.

If your host requests fewer scopes than a tool requires, ComplyHat returns 401 Unauthorized on that tool call — even if the bearer token is otherwise valid. Request the scopes you need upfront rather than relying on the mcp catch-all for fine-grained tools.

Get Started

Core Concepts

Guides

Reference

OAuth 2.1 scopes and per-tool access control in ComplyHat

Scope reference

Tool-to-scope mapping

Requesting scopes

Get Started

Core Concepts

Guides

Reference

Documentation Index

​Scope reference

​Tool-to-scope mapping

​Requesting scopes

Scope reference

Tool-to-scope mapping

Requesting scopes