Grants

The following is a list of grants with their associated access to user rights. Users can authorize applications to use their account, but with limited permissions based on the grants the user gave to the application. An application acting on behalf of a user cannot actually use rights that the user does not have however. There may be additional information about individual rights.

GrantRights
Basic rights (basic)
  • Automatically log in with an external user account (autocreateaccount)
  • Bypass IP blocks, auto-blocks and range blocks (ipblock-exempt)
  • Bypass automatic blocks of Tor exit nodes (torunblocked)
  • Bypass global IP blocks (globalblock-exempt)
  • Edit pages protected as "Allow only autoconfirmed users" (editsemiprotected)
  • Have one's own edits automatically marked as patrolled (autopatrol)
  • Not be affected by IP-based rate limits (autoconfirmed)
  • Not have minor edits to discussion pages trigger the new messages prompt (nominornewtalk)
  • Perform CAPTCHA-triggering actions without having to go through the CAPTCHA (skipcaptcha)
  • Read pages (read)
  • View a list of unwatched pages (unwatchedpages)
  • View abuse filters (abusefilter-view)
  • View detailed abuse log entries (abusefilter-log-detail)
  • View recent changes patrol marks (patrolmarks)
  • View the abuse log (abusefilter-log)
High-volume (bot) access (highvolume)
  • Be treated as an automated process (bot)
  • Mark rolled-back edits as bot edits (markbotedits)
  • Not be affected by rate limits (noratelimit)
  • Send a message to multiple users at once (massmessage)
  • Use higher limits in API queries (apihighlimits)
Import revisions (import)
  • Import pages from a file upload (importupload)
  • Import pages from other wikis (import)
Edit existing pages (editpage)
  • Add and remove arbitrary tags on individual revisions and log entries (changetags)
  • Apply tags along with one's changes (applychangetags)
  • Change Item terms (labels, descriptions, aliases) (item-term)
  • Change Property terms (labels, descriptions, aliases) (property-term)
  • Change page language (pagelang)
  • Create Item redirects (item-redirect)
  • Edit pages (edit)
  • Edit the content model of a page (editcontentmodel)
  • Mark edits as minor (minoredit)
  • Merge Items (item-merge)
Edit protected pages (editprotected)
  • Add and remove arbitrary tags on individual revisions and log entries (changetags)
  • Apply tags along with one's changes (applychangetags)
  • Bypass blocked external domains (abusefilter-bypass-blocked-external-domains)
  • Bypass the spam block list (sboverride)
  • Edit pages (edit)
  • Edit pages protected as "Allow only administrators" (editprotected)
  • Edit pages protected as "Allow only autopatrollers" (editautopatrolprotected)
  • Edit pages protected as "Allow only autopatrollers" (editextendedsemiprotected)
  • Edit pages protected as "Allow only autoreviewers" (editautoreviewprotected)
  • Edit pages protected as "Allow only editors" (editeditorprotected)
  • Edit pages protected as "Allow only trusted users" (edittrustedprotected)
  • Edit pages with potential legal consequences (edit-legal)
  • Edit protected templates (templateeditor)
  • Edit restricted pages (extendedconfirmed)
  • Edit the content model of a page (editcontentmodel)
  • Mark edits as minor (minoredit)
  • Move pages with stable versions (movestable)
  • Override the disallowed titles or usernames list (tboverride)
Edit your user CSS/JSON/JavaScript (editmycssjs)
  • Add and remove arbitrary tags on individual revisions and log entries (changetags)
  • Apply tags along with one's changes (applychangetags)
  • Edit pages (edit)
  • Edit the content model of a page (editcontentmodel)
  • Edit your own user CSS files (editmyusercss)
  • Edit your own user JSON files (editmyuserjson)
  • Edit your own user JavaScript files (editmyuserjs)
  • Mark edits as minor (minoredit)
Edit your user preferences and JSON configuration (editmyoptions)
  • Edit your own preferences (editmyoptions)
  • Edit your own user JSON files (editmyuserjson)
Edit the MediaWiki namespace and sitewide/user JSON (editinterface)
  • Add and remove arbitrary tags on individual revisions and log entries (changetags)
  • Apply tags along with one's changes (applychangetags)
  • Edit other users' JSON files (edituserjson)
  • Edit pages (edit)
  • Edit sitewide JSON (editsitejson)
  • Edit the content model of a page (editcontentmodel)
  • Edit the user interface (editinterface)
  • Mark edits as minor (minoredit)
Edit sitewide and user CSS/JS (editsiteconfig)
  • Add and remove arbitrary tags on individual revisions and log entries (changetags)
  • Apply tags along with one's changes (applychangetags)
  • Edit other users' CSS files (editusercss)
  • Edit other users' JSON files (edituserjson)
  • Edit other users' JavaScript files (edituserjs)
  • Edit pages (edit)
  • Edit sitewide CSS (editsitecss)
  • Edit sitewide JSON (editsitejson)
  • Edit sitewide JavaScript (editsitejs)
  • Edit the content model of a page (editcontentmodel)
  • Edit the user interface (editinterface)
  • Mark edits as minor (minoredit)
Create, edit, and move pages (createeditmovepage)
  • Add and remove arbitrary tags on individual revisions and log entries (changetags)
  • Apply tags along with one's changes (applychangetags)
  • Create Properties (property-create)
  • Create discussion pages (createtalk)
  • Create pages (which are not discussion pages) (createpage)
  • Delete single revision redirects (delete-redirect)
  • Edit pages (edit)
  • Edit the content model of a page (editcontentmodel)
  • Mark edits as minor (minoredit)
  • Move category pages (move-categorypages)
  • Move pages (move)
  • Move pages with their subpages (move-subpages)
  • Move root user pages (move-rootuserpages)
  • Not create redirects from source pages when moving pages (suppressredirect)
Upload new files (uploadfile)
  • Overwrite existing files uploaded by oneself (reupload-own)
  • Upload files (upload)
Upload, replace, and move files (uploadeditmovefile)
  • Move files (movefile)
  • Not create redirects from source pages when moving pages (suppressredirect)
  • Override files on the shared media repository locally (reupload-shared)
  • Overwrite existing files (reupload)
  • Overwrite existing files uploaded by oneself (reupload-own)
  • Reset failed or transcoded videos so they are inserted into the job queue again (transcode-reset)
  • Upload files (upload)
  • Upload files from a URL (upload_by_url)
Patrol changes to pages (patrol)
  • Mark others' edits as patrolled (patrol)
Rollback changes to pages (rollback)
  • Quickly rollback the edits of the last user who edited a particular page (rollback)
Block and unblock users (blockusers)
  • Block or unblock a user from sending email (blockemail)
  • Block or unblock other users from editing (block)
View deleted files and pages (viewdeleted)
  • Search deleted pages (browsearchive)
  • View deleted history entries, without their associated text (deletedhistory)
  • View deleted text and changes between deleted revisions (deletedtext)
View restricted log entries (viewrestrictedlogs)
  • View abuse filters marked as private (abusefilter-view-private)
  • View hidden abuse log entries (abusefilter-hidden-log)
  • View log entries of abuse filters marked as private (abusefilter-log-private)
  • View private logs (suppressionlog)
  • View the disallowed titles list log (titleblacklistlog)
  • View the spam block list log (spamblacklistlog)
Delete pages, revisions, and log entries (delete)
  • Add and remove arbitrary tags on individual revisions and log entries (changetags)
  • Apply tags along with one's changes (applychangetags)
  • Delete and undelete specific log entries (deletelogentry)
  • Delete and undelete specific revisions of pages (deleterevision)
  • Delete pages (delete)
  • Delete pages with large histories (bigdelete)
  • Edit pages (edit)
  • Edit the content model of a page (editcontentmodel)
  • Mark edits as minor (minoredit)
  • Mass delete pages (nuke)
  • Search deleted pages (browsearchive)
  • Undelete a page (undelete)
  • View deleted history entries, without their associated text (deletedhistory)
  • View deleted text and changes between deleted revisions (deletedtext)
Hide users and suppress revisions (oversight)
  • Hide entries in the abuse log (abusefilter-hide-log)
  • View revisions hidden from any user (viewsuppressed)
  • View, hide and unhide specific revisions of pages from any user (suppressrevision)
Protect and unprotect pages (protect)
  • Add and remove arbitrary tags on individual revisions and log entries (changetags)
  • Apply tags along with one's changes (applychangetags)
  • Change protection settings and edit cascade-protected pages (protect)
  • Edit pages (edit)
  • Edit pages protected as "Allow only administrators" (editprotected)
  • Edit the content model of a page (editcontentmodel)
  • Mark edits as minor (minoredit)
View your watchlist (viewmywatchlist)
  • View your own watchlist (viewmywatchlist)
Edit your watchlist (editmywatchlist)
  • Edit your own watchlist (note that some actions will still add pages even without this right) (editmywatchlist)
Send email to other users (sendemail)
  • Send email to other users (sendemail)
Create accounts (createaccount)
  • Create new user accounts (createaccount)
  • Override the disallowed usernames list (tboverride-account)
  • Override the spoofing checks (override-antispoof)
Access private information (privateinfo)
  • View your own private data (e.g. email address, real name) (viewmyprivateinfo)
Merge page histories (mergehistory)
  • Merge the history of pages (mergehistory)
Create short URLs (shortenurls)
  • Create short URLs (urlshortener-create-url)
Globally block or unblock a user (globalblock)
  • Make and remove global blocks (globalblock)
Manage global account status (setglobalaccountstatus)
  • Lock or unlock global account (centralauth-lock)
  • Suppress or hide global account (centralauth-suppress)
Forcibly create a local account for a global account (createlocalaccount)
  • Forcibly create a local account for a global account (centralauth-createlocal)
Manage your OAuth clients (oauthmanageownclient)
  • Manage OAuth grants (mwoauthmanagemygrants)
  • Propose new OAuth consumers (mwoauthproposeconsumer)
  • Update OAuth consumers you control (mwoauthupdateownconsumer)
Access two-factor authentication (OATH) information for self and others (oath)
  • Query and validate OATH information for self and others (oathauth-api-all)
  • Verify whether a user has two-factor authentication enabled (oathauth-verify-user)
Access checkuser data (checkuser)
  • Check users' IP addresses and other information (checkuser)
  • View the checkuser log (checkuser-log)
Access checkuser data for temporary accounts (checkuser-temporary-account)
  • View IP addresses used by temporary accounts (checkuser-temporary-account)
  • View IP addresses used by temporary accounts without needing to check the preference (checkuser-temporary-account-no-preference)
  • View the log of access to temporary account IP addresses (checkuser-temporary-account-log)

OAuth-specific grants

These additional grants are applicable to OAuth consumers.

GrantRights
User identity verification only, no ability to read pages or act on a user's behalf.
User identity verification only with access to real name and email address, no ability to read pages or act on a user's behalf.