The Shop Pay Wallet API provides a user's data for developers to make a payment on their behalf. The
data is split into separate resources each requiring their own scope. To
[request buyer authorization](/docs/api/shop-pay-wallet/reference/index#authorizations)
to access their Shop Pay Wallet you must, therefore, include a combination of the following scopes as
a space-delimited string in the request.

<div id="index-2020-01" class="api-endpoint">
    <div class="api-endpoint-content">
        <div class="api-endpoint-queryparameters">
            <table>
                <tbody>
                    <tr>
                        <td>
                            <strong>Scope</strong>
                            <br><span class="heading-flag api-property-flag"></span>
                        </td>
                        <td>
                            <strong>Resource</strong>
                            <br><span class="heading-flag api-property-flag"></span>
                        </td>
                        <td nowrap>
                            <strong>PCI Compliance Required?</strong>
                            <br><span class="heading-flag api-property-flag"></span>
                        </td>
                        <td>
                            <strong>Details</strong>
                            <br><span class="heading-flag api-property-flag"></span>
                        </td>
                    </tr>
                    <tr>
                        <td>
                            <code>uma:pay:address:read</code>
                            <br><span class="heading-flag api-property-flag"></span>
                        </td>
                        <td nowrap>Address</td>
                        <td style="text-align:center">No</td>
                        <td>
                            Use this scope to request access to the buyer's shipping address.
                        </td>
                    </tr>
                    <tr>
                        <td>
                            <code>uma:pay:credit_card:read</code>
                            <br><span class="heading-flag api-property-flag"></span>
                        </td>
                        <td nowrap>Credit Card</td>
                        <td style="text-align:center">No</td>
                        <td>
                            Use this scope to request access to the buyer's credit card summary.
                        </td>
                    </tr>
                    <tr>
                        <td>
                            <code>uma:pay:credit_card:read_payment_session</code>
                            <br><span class="heading-flag api-property-flag"></span>
                        </td>
                        <td nowrap>Payment Token</td>
                        <td style="text-align:center">No</td>
                        <td>
                            Use this scope to request access to a
<a href="/docs/api/admin-rest/latest/resources/payment.html">Payment Session ID</a>.
                            This scope is required when completing checkouts with Shopify Merchants.
                        </td>
                    </tr>
                    <tr>
                        <td>
                            <code>uma:pay:credit_card:read_encrypted</code>
                            <br><span class="heading-flag api-property-flag"></span>
                        </td>
                        <td nowrap> Encrypted PAN </td>
                        <td style="text-align:center"> Yes </td>
                        <td>
                            Use this scope to request access to the encrypted
<a href="https://en.wikipedia.org/wiki/Payment_card_number">Primary Account Number (PAN)</a>
                            of the buyer's credit card.
                            This scope is required when completing checkouts with non-Shopify merchants.
                        </td>
                    </tr>
                </tbody>
            </table>
        </div>
    </div>
</div>

## Examples

### Non-PCI compliant partners
The scope string you should provide to [request user authorization](/docs/api/shop-pay-wallet/reference/index#authorizations) is:

```
scope=uma:pay:address:read uma:pay:credit_card:read uma:pay:credit_card:read_payment_session
```

### PCI compliant partners working with Shopify and non-Shopify merchants
The scope string you should provide to [request user authorization](/docs/api/shop-pay-wallet/reference/index#authorizations) is:

```
scope=uma:pay:address:read uma:pay:credit_card:read uma:pay:credit_card:read_payment_session uma:pay:credit_card:read_encrypted
```

## Related resources

- [Getting Started with the Shop Pay Wallet API](/docs/api/shop-pay-wallet/getting-started)
- [Authorization](/docs/api/shop-pay-wallet/authorization)
- [Shop Pay Wallet API reference](/docs/api/shop-pay-wallet/reference/index)
- [Testing the integration](/docs/api/shop-pay-wallet/testing)
- [Shop Pay Wallet ecosystem](/docs/api/shop-pay-wallet/ecosystem)