diff --git a/api/services/userService.go b/api/services/userService.go
index aca994a..816cbff 100644
--- a/api/services/userService.go
+++ b/api/services/userService.go
@@ -53,6 +53,63 @@ func (us UserService) GetUser(username string) (domain.UserEntity, error) {
 	return us.repo.GetByName(username)
 }
 
+func (us UserService) AddScopes(username string, scopes []string) error {
+	usr, err := us.repo.GetByName(username)
+	if err != nil {
+		return err
+	}
+
+	if usr.Name != username {
+		return errors.New(repositories.ErrUserNotFound)
+	}
+
+	newScopes := strings.Split(usr.Scopes, ",")
+
+	// check the current scopes
+	for _, item := range strings.Split(usr.Scopes, ",") {
+		if !us.doesScopeExist(scopes, item) {
+			newScopes = append(newScopes, item)
+		}
+	}
+	return us.repo.UpdateScopes(username, strings.Join(newScopes, ","))
+}
+
+func (us UserService) RemoveScopes(username string, scopes []string) error {
+	usr, err := us.repo.GetByName(username)
+	if err != nil {
+		return err
+	}
+
+	if usr.Name != username {
+		return errors.New(repositories.ErrUserNotFound)
+	}
+
+	var newScopes []string
+
+	// check all the scopes that are currently assigned
+	for _, item := range strings.Split(usr.Scopes, ",") {
+
+		// check the scopes given, if one matches skip it
+		if us.doesScopeExist(scopes, item) {
+			continue
+		}
+
+		// did not match, add it
+		newScopes = append(newScopes, item)
+	}
+
+	return us.repo.UpdateScopes(username, strings.Join(newScopes, ","))
+}
+
+func (us UserService) doesScopeExist(scopes []string, target string) bool {
+	for _, item := range scopes {
+		if item == target {
+			return true
+		}
+	}
+	return false
+}
+
 func (us UserService) CreateNewUser(name, password, scope string) (domain.UserEntity, error) {
 	err := us.CheckPasswordForRequirements(password)
 	if err != nil {