description: |
  OAuth2 is a protocol that lets external apps request authorization to private
  details in a user's account without getting their password.
type: OAuth 2.0
describedBy:
  headers:
    Authorization:
      description: |
        Used to send a valid OAuth 2 access token. Do not use together with
        the "access_token" query string parameter.
  queryParameters:
    access_token:
      description: |
        Used to send a valid OAuth 2 access token. Do not use together with
        the "Authorization" header
  responses:
    404:
      description: Unauthorized
settings:
  authorizationUri: https://itsyou.online/v1/oauth/authorize
  accessTokenUri: https://itsyou.online/v1/oauth/access_token
  authorizationGrants: [ code ]
  scopes:
    - "user:admin"
    - "user:info"
    - "organization:owner"
    - "organization:member"
    - "organization:info"
    - "organization:contracts:read"
    - "company:admin"
    - "company:read"
    - "company:info"
    - "company:contracts:read"
    - "contract:read"
    - "contract:participant"