Custom security based on roles


#1

How can I describe access to a resource based on roles?

The RAML spec shows an example with Dropbox auth, and there are these rows:

securitySchemes:
    - oauth_2_0: !include oauth_2_0.yml
/users/{userid}/gists:
    get:
        securedBy: [null, oauth_2_0: { scopes: [ ADMINISTRATOR ] } ]

Where and how can I define scopes?

And how can securedBy be used to say something like: allow for SuperUser, deny for Visitor?
Is it possible?