> ## Documentation Index
> Fetch the complete documentation index at: https://docs.flexslot.gg/llms.txt
> Use this file to discover all available pages before exploring further.

# Request additional scopes or game-scopes

> Submit a scope change request for admin review. Adding scopes is higher-risk than CORS-origin self-service, so requests go through Flexslot admin instead of taking effect immediately. The partner is notified of approval/rejection by email.



## OpenAPI

````yaml /openapi.json post /api/public/v1/me/partner/scope-requests
openapi: 3.0.3
info:
  title: Flexslot API
  version: 1.0.0
  description: API documentation for Flexslot decks application
servers:
  - url: https://api.flexslot.gg
    description: Production
  - url: https://api-dev.flexslot.gg
    description: Development
security: []
paths:
  /api/public/v1/me/partner/scope-requests:
    post:
      tags:
        - Me
      summary: Request additional scopes or game-scopes
      description: >-
        Submit a scope change request for admin review. Adding scopes is
        higher-risk than CORS-origin self-service, so requests go through
        Flexslot admin instead of taking effect immediately. The partner is
        notified of approval/rejection by email.
      operationId: me_partner_scope_request_create
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/_ScopeChangeRequestRequest'
          application/x-www-form-urlencoded:
            schema:
              $ref: '#/components/schemas/_ScopeChangeRequestRequest'
          multipart/form-data:
            schema:
              $ref: '#/components/schemas/_ScopeChangeRequestRequest'
        required: true
      responses:
        '202':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/_ScopeChangeResponse'
          description: ''
      security:
        - PersonalAccessToken: []
        - OAuth2Bearer: []
components:
  schemas:
    _ScopeChangeRequestRequest:
      type: object
      properties:
        requested_scopes:
          type: array
          items:
            type: string
            minLength: 1
            maxLength: 64
          maxItems: 20
        requested_game_scopes:
          type: array
          items:
            type: string
            minLength: 1
            maxLength: 32
            pattern: ^[-a-zA-Z0-9_]+$
          maxItems: 10
        justification:
          type: string
          minLength: 10
          maxLength: 2000
      required:
        - justification
    _ScopeChangeResponse:
      type: object
      properties:
        id:
          type: string
          format: uuid
        status:
          type: string
        message:
          type: string
      required:
        - id
        - message
        - status
  securitySchemes:
    PersonalAccessToken:
      type: http
      scheme: bearer
      bearerFormat: flx_pat_...
      description: 'User-issued personal access token (format: flx_pat_<token>).'
    OAuth2Bearer:
      type: http
      scheme: bearer
      bearerFormat: flx_at_...
      description: >-
        OAuth2 access token issued via the authorization-code + PKCE flow
        (format: flx_at_<token>). Grants the partner user-scoped access to act
        on behalf of the consenting end-user.

````