---
title: Access services through scopes and roles
description: User applications rely on self-management scopes to grant users access to a subset of PingOne resources. For more information about scopes, refer to Resource scopes. Conversely, administrator applications use role assignments to determine the actions a user or client can perform. For more information about roles, refer to Roles in the PingOne Platform APIs.
component: pingone-api
page_id: pingone-api:foundations:pingone-roles-scopes-and-permissions/access-services-through-scopes-and-roles
canonical_url: https://developer.pingidentity.com/pingone-api/foundations/pingone-roles-scopes-and-permissions/access-services-through-scopes-and-roles.html
---

# Access services through scopes and roles

User applications rely on self-management scopes to grant users access to a subset of PingOne resources. For more information about scopes, refer to [Resource scopes](../../platform/resources/resource-scopes.html). Conversely, administrator applications use role assignments to determine the actions a user or client can perform. For more information about roles, refer to [Roles](../../platform/roles.html) in the *PingOne Platform APIs*.

For detailed information about scopes, refer to the following topics:

* [PingOne self-management scopes](access-services-through-scopes-and-roles/pingone-self-management-scopes.html)

* [OpenID Connect (OIDC) scopes](access-services-through-scopes-and-roles/openid-connect-oidc-scopes.html)

* [Custom scopes](access-services-through-scopes-and-roles/custom-scopes.html)