}
        },
        "components": {
            "securitySchemes": {
                "OAuth2PasswordBearer": {
                    "type": "oauth2",
                    "flows": {"password": {"scopes": {}, "tokenUrl": "token"}},
                }
            }
        },

<img src="/img/tutorial/security/image10.png">

/// note

Notice the header `Authorization`, with a value that starts with `Bearer `.

///

## Advanced usage with `scopes`

OAuth2 has the notion of "scopes".

You can use them to add a specific set of permissions to a JWT token.

Then you can give this token to a user directly or a third party, to interact with your API with a set of restrictions.

    protected final MojoExecutionScope scope;

    public MojoExecutionScopeModule(MojoExecutionScope scope) {
        this.scope = scope;
    }

    @Override
    protected void configure() {
        bindScope(MojoExecutionScoped.class, scope);
        // bindScope(org.apache.maven.api.di.MojoExecutionScoped.class, scope);
        bind(MojoExecutionScope.class).toInstance(scope);
        bind(MavenProject.class)

            }
        },
        "components": {
            "securitySchemes": {
                "OAuth2PasswordBearer": {
                    "type": "oauth2",
                    "flows": {"password": {"scopes": {}, "tokenUrl": "/token"}},
                    "description": "OAuth2PasswordBearer security scheme",
                }
            }
        },

      <version>1.0-SNAPSHOT</version>
      <type>jar</type>
      <scope>compile</scope>
    </dependency>
    <dependency>
      <groupId>snapshot-test</groupId>
      <artifactId>maven-snapshot-b</artifactId>
      <version>1.0-SNAPSHOT</version>
      <type>jar</type>
      <scope>compile</scope>
    </dependency>
    <dependency>
      <groupId>snapshot-test</groupId>

      new PercentEscaper(URL_FORM_PARAMETER_OTHER_SAFE_CHARS, true);

  /**
   * Returns an {@link Escaper} instance that escapes strings so they can be safely included in <a
   * href="https://url.spec.whatwg.org/#syntax-url-path-segment">URL path segments</a>. The returned
   * escaper escapes all non-ASCII characters, even though <a
   * href="https://url.spec.whatwg.org/#url-code-points">many of these are accepted in modern

    </dependency>

    <dependency>
      <groupId>maven-test-compile</groupId>
      <artifactId>scope-runtime</artifactId>
      <version>1.0</version>
      <scope>runtime</scope>
    </dependency>

    <dependency>
      <groupId>maven-test-compile</groupId>
      <artifactId>scope-compile</artifactId>
      <version>1.0</version>
      <scope>compile</scope>
    </dependency>
  </dependencies>

      <scope>test</scope>
    </dependency>
    <dependency>
      <groupId>com.google.truth.extensions</groupId>
      <artifactId>truth-java8-extension</artifactId>
      <version>${truth.version}</version>
      <scope>test</scope>
    </dependency>
    <dependency>
      <groupId>com.google.jimfs</groupId>
      <artifactId>jimfs</artifactId>
      <version>1.3.0</version>
      <scope>test</scope>
    </dependency>

      "\0abyz\u0080\u0100\u0800\u1000ABYZ\uffff" + SMALLEST_SURROGATE + "0189" + LARGEST_SURROGATE;

  // Escapes nothing
  private static final UnicodeEscaper NOP_ESCAPER =
      new UnicodeEscaper() {
        @Override
        protected char @Nullable [] escape(int c) {
          return null;
        }
      };

  // Escapes everything except [a-zA-Z0-9]
  private static final UnicodeEscaper SIMPLE_ESCAPER =

      "\0abyz\u0080\u0100\u0800\u1000ABYZ\uffff" + SMALLEST_SURROGATE + "0189" + LARGEST_SURROGATE;

  // Escapes nothing
  private static final UnicodeEscaper NOP_ESCAPER =
      new UnicodeEscaper() {
        @Override
        protected char @Nullable [] escape(int c) {
          return null;
        }
      };

  // Escapes everything except [a-zA-Z0-9]
  private static final UnicodeEscaper SIMPLE_ESCAPER =