Scopes are used to control permissions in role based security in addition to ACL permissions. ACL lists are used to control who can do certain operations for a single object (like a folder). Scopes are overrides ACL checks for certain operations on all objects. For example you can deny viewing all folders even user has permission.
Some of scopes are explicitly defined for Administrators group members but non-admin users may have some scopes to perform tasks like searching for a work item without having administrative rights.
Scopes are defined in rest API service and screen customizations for audiences by editing domain propertiesuser group definitions.
Emakin defines the following scopes to control features;
...