required_specified_scope(custom_allow_scope) render_unauthorized unless (custom_allow_scope & current_access_token.scopes).present? end class CoordinatesController < ApplicationController before_action -> { required_specified_scope(‘zozotown’) }, only: [:show] def show; end end