diff --git a/r2/r2/controllers/api.py b/r2/r2/controllers/api.py
index 8f64daaf2..a0cc29cd4 100755
--- a/r2/r2/controllers/api.py
+++ b/r2/r2/controllers/api.py
@@ -797,6 +797,7 @@ class ApiController(RedditController, OAuth2ResourceController):
             c.user.delete(delete_message)
             form.redirect("/?deleted=true")
 
+    @require_oauth2_scope("edit")
     @noresponse(VUser(),
                 VModhash(),
                 thing = VByNameIfAuthor('id'))
@@ -946,6 +947,7 @@ class ApiController(RedditController, OAuth2ResourceController):
 
         indict(thing)
 
+    @require_oauth2_scope("edit")
     @validatedForm(VUser(),
                    VModhash(),
                    item = VByNameIfAuthor('thing_id'),
diff --git a/r2/r2/models/token.py b/r2/r2/models/token.py
index 6f8217156..515fbe7cb 100644
--- a/r2/r2/models/token.py
+++ b/r2/r2/models/token.py
@@ -96,6 +96,11 @@ class ConsumableToken(Token):
 
 class OAuth2Scope:
     scope_info = {
+        "edit": {
+            "id": "edit",
+            "name": _("Edit Posts"),
+            "description": _("Edit and delete my comments and submissions."),
+        },
         "identity": {
             "id": "identity",
             "name": _("My Identity"),