Each "scope" is just a string (without spaces).

They are normally used to declare specific security permissions, for example:

* `users:read` or `users:write` are common examples.
* `instagram_basic` is used by Facebook / Instagram.
* `https://www.googleapis.com/auth/drive` is used by Google.

/// info

In OAuth2 a "scope" is just a string that declares a specific permission required.

Here you will see different recipes or "how to" guides for **several topics**.

Most of these ideas would be more or less **independent**, and in most cases you should only need to study them if they apply directly to **your project**.

If something seems interesting and useful to your project, go ahead and check it, but otherwise, you might probably just skip them.

/// tip

If you are helping a lot of people with their questions, you will become an official [FastAPI Expert](fastapi-people.md#fastapi-experts){.internal-link target=_blank}. 🎉

Just remember, the most important point is: try to be kind. People come with their frustrations and in many cases don't ask in the best way, but try as best as you can to be kind. 🤗

**FastAPI** provides the same `starlette.responses` as `fastapi.responses` just as a convenience for you, the developer. But most of the available responses come directly from Starlette.

///

## Returning a custom `Response` { #returning-a-custom-response }

### Single Container { #single-container }

description: I want to make an existing feature better
labels: ["type=enhancement"]
body:
  - type: markdown
    attributes:
      value: >
        Filing feature requests is one of the most popular ways to contribute to Guava.


        Be aware, though: most feature requests are not accepted, even if they're suggested by
        a full-time Guava team member. [Feedback](https://stackoverflow.com/a/4543114) from our

             to quit<b>)</b>
```

</div>

That would work for most of the cases. 😎

You could use that command for example to start your **FastAPI** app in a container, in a server, etc.

## ASGI Servers { #asgi-servers }

Let's go a little deeper into the details.

We can use **OAuth2** to build that with **FastAPI**.

But let's save you the time of reading the full long specification just to find those little pieces of information you need.

Let's use the tools provided by **FastAPI** to handle security.

## How it looks { #how-it-looks }

Let's first just use the code and see how it works, and then we'll come back to understand what's happening.

## Create `main.py` { #create-main-py }

## FastAPI Experts

These are the users that have been [helping others the most with questions in GitHub](help-fastapi.md#help-others-with-questions-in-github){.internal-link target=_blank}. 🙇

They have proven to be **FastAPI Experts** by helping many others. ✨

/// tip

You could become an official FastAPI Expert too!

# Security { #security }

There are many ways to handle security, authentication and authorization.

And it normally is a complex and "difficult" topic.

In many frameworks and systems just handling security and authentication takes a big amount of effort and code (in many cases it can be 50% or more of all the code written).