Documentation for token scopes?

Hi, I’m curious how the scopes of token works.

Especially, I want to know what scope is enough to call particular API endpoint.

For example, if I want to read event data via API, is only “event:read” scope is enough?
Or, should I tick “project:read”, “org:read” or even “event:admin” ?

Is there any documents to explain scopes of token?