When developing a Software as a Service (SaaS) application that accesses third-party data, implementing least-privilege access is crucial to minimizing security risk. The principle ensures that users have only the permissions they need, which limits their interaction with systems and data and reduces the potential damage from a breach. Customizing OAuth scopes with Clerk Single Sign-On (SSO) lets applications like BookMate request only the essential data access on a per-user basis. BookMate, a scheduling tool, demonstrates this by letting users link their Google Calendar and requesting specific permissions, such as adding events directly to their calendar, only if they opt in. The customization involves configuring OAuth scopes through a toggle in the settings, checking the scopes already present on the Google access token, and reauthorizing users when additional scopes are needed. Storing user-specific scopes in Clerk's public metadata enables seamless reauthorization and scope management, so the application holds the correct permissions while maintaining user trust and security.
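The scope check described above, as an added example (not code from Clerk or BookMate): it compares the features a user has opted into with the scopes the Google token actually carries, and reports both the scopes to request on reauthorization and any granted scopes that are no longer needed. The toggle names, `FEATURE_SCOPES`, `BASELINE` and `planScopeChange` are hypothetical; the scope strings are Google's published Calendar and sign-in scopes.

```javascript
// Added example: FEATURE_SCOPES, BASELINE, planScopeChange and the preference shape are hypothetical.
const G = 'https://www.googleapis.com/auth/';
// Feature toggle -> Google scopes that feature needs (assumed mapping for a BookMate-like app).
const FEATURE_SCOPES = {
  readAvailability: [`${G}calendar.readonly`],
  addEvents: [`${G}calendar.events`],
};
// Sign-in scopes every session carries; never reported as excess.
const BASELINE = new Set(['openid', 'email', 'profile', `${G}userinfo.email`, `${G}userinfo.profile`]);

// Scopes may arrive as one space-delimited string (OAuth "scope" field) or as an array.
function parseScopes(granted) {
  const list = Array.isArray(granted) ? granted : String(granted || '').split(/\s+/);
  return new Set(list.map((s) => s.trim()).filter(Boolean));
}

// Compare stored opt-ins with what the token really grants. The token is the source of
// truth: a user can decline a scope at the consent screen, so stored preferences alone
// do not prove the permission exists.
function planScopeChange(preferences, grantedScopes) {
  const granted = parseScopes(grantedScopes);
  const required = new Set();
  for (const [feature, enabled] of Object.entries(preferences || {})) {
    if (enabled !== true) continue; // only an explicit opt-in counts
    const scopes = FEATURE_SCOPES[feature];
    if (!scopes) throw new Error(`unknown feature toggle: ${feature}`); // fail closed
    scopes.forEach((s) => required.add(s));
  }
  const missing = [...required].filter((s) => !granted.has(s)).sort();
  const excess = [...granted].filter((s) => !required.has(s) && !BASELINE.has(s)).sort();
  return {
    reauthorize: missing.length > 0, // send the user back through consent
    missing,                         // additional scopes to ask for
    excess,                          // granted but no longer needed (least-privilege drift)
    requestScopes: [...required].sort(),
  };
}

// Constructed sample: the user just enabled "add events"; the token was issued read-only.
const samplePrefs = { readAvailability: true, addEvents: true };
const sampleGranted = `openid email ${G}calendar.readonly`;
console.log(planScopeChange(samplePrefs, sampleGranted));
```

In the flow the page describes, the preferences would be read from the user's public metadata in Clerk and the granted scopes from the Google access token; a non-empty `excess` list marks access the user has since opted out of.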