Manual:Grants

Grants are bundles of user rights that can be assigned to applications which can then act in a user's name. They are mainly used by OAuth and bot passwords. (In OAuth 2.0 this concept is called a scope.) An application acting in the name of a user gains a given user right if the user has that right and the application has at least one grant that contains that right (ie. grants don't convey permissions in themselves, but allow an application to make use of users' own permissions when acting in those users' name).

Grants can be configured with $wgGrantPermissions and the corresponding extension.json field. The grants available at a given wiki can be inspected on the Special:ListGrants page.

See also

edit