Design Smells - Part Two

One of the big problems I've seen with this and that I'm probably going to include in part two is about authentication. Is it just simply you have access or you don't? Do you have fine grain access? How are, how is that represented in terms of the API? The Zoom API is exceptionally well done. It's OAuth 2.0, which is a particular surprise but then their fine grain authorization through the scopes is fantastic. So I think those are two big things and then I'll probably attack webhooks.fyi and how people are representing it.