As mentioned earlier, most Yahoo User data is protected by Scopes (permissions) in addition to OAuth authorization.
A Scope is a permission setting that specifies access to a Yahoo User's non-public data.
Examples of scopes for the Yahoo Social APIs are:
You must specify the Scopes needed by your application when you register the application on the Yahoo Developer Network (YDN). Later on, the end User must give the application permission to access his or her data. A few other steps are necessary, best explained by an example.
Suppose that your application needs to call the HTTP GET operation on a Usercard Profile. Here is the sequence of events that involve Scopes for this example:
GET: Read (Shared) Yahoo Profiles