The scope parameter enables you to fine-tune what the client application can access in a Salesforce organization.There is no such clear concept which will provide read-only access to Salesforce.Depending the value parameter of the scope the level of access is granted.The valid values for scope are:
All scope values automatically include id, so that regardless of which values for the scope you pass, you always have access to the identity URLs.
As a user approves applications, the value of the scope is stored with the refresh token.
For example, if a user approves an application with a scope of id, the refresh token is created with scope=id. Then, if the user approves the second application with a different range, for example, API, the refresh token is created with scope=api.
For both JSON or SAML bearer token requests, the request looks at the scopes of all the previous refresh tokens and combines them.
The scope parameter enables you to fine-tune what the client application can access in a Salesforce organization.There is no such clear concept which will provide read-only access to Salesforce.Depending the value parameter of the scope the level of access is granted.The valid values for scope are:
All scope values automatically include id, so that regardless of which values for the scope you pass, you always have access to the identity URLs.
As a user approves applications, the value of the scope is stored with the refresh token.
For example, if a user approves an application with a scope of id, the refresh token is created with scope=id. Then, if the user approves the second application with a different range, for example, API, the refresh token is created with scope=api.
For both JSON or SAML bearer token requests, the request looks at the scopes of all the previous refresh tokens and combines them.
Kindly mark it as solved if it helps you.
Best Regards,
Nagendra.P
So there is not an option for read-only access to an object or data?