OAuth2 scopes

When I log into mastofe or pinafore, I don't see which permissions tthe service gets on the OAuth login screen.

For example it doesn't show if it only can read my account settings or even have write access for comments.

Are permissions scoped via this type of authentication?