Application Scopes
Scopes Overview
You can define what an application is allowed to do on an account. These permissions are referred to as application scopes.
Scopes represent permissions granted to an application to access specific resources or perform certain actions on behalf of a user. They define the level of access that applications have once they are authenticated.
App (Global) Scope Grants
Description: Global scopes are permissions set at an application-wide level by the system administrators through CMS. These define the broadest permissions an application can use.
Purpose: Sets the upper bound on an application's access. An application cannot request access to more resources than its global grants allow, regardless of individual user permissions.
User (Individual) Scope Grants
Description: User scopes are permissions granted by individual users, specifying what aspects of their data or functionalities an application can access.
Purpose: Gives users control over their data and limits applications to accessing only what is necessary and explicitly permitted by the user.
Valid Scope Requirements
Scope validity is checked during generateUserAccessToken. For an application's scope to be considered active and valid:
Both Grants Must Be Active: The permission must be granted both at the global level (by administrators/system) and at the individual user level.
Non-expired Grants: Both the global and user grants must be current and not expired. An expired grant will automatically revoke the application's access to the specified resources.
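The two requirements above, modeled as an added example (this is not Fluz's implementation or code from this page). The `Grant` fields, treating a missing expiry as non-expiring, counting a grant that expires exactly at the check time as expired, and the sample data are all assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

@dataclass(frozen=True)
class Grant:
    scope: str
    active: bool
    expires_at: Optional[datetime] = None  # assumption: None means no expiry

def grant_state(grants, scope, now):
    """Return 'ok', 'expired', 'inactive' or 'missing' for one scope at one level.
    Fails closed: a grant expiring exactly at `now` counts as expired."""
    state = "missing"
    for g in [g for g in grants if g.scope == scope]:
        if g.active and (g.expires_at is None or g.expires_at > now):
            return "ok"
        state = "expired" if g.active else "inactive"
    return state

def explain(app_grants, user_grants, scope, now):
    """State of the scope at both levels, for debugging a denied request."""
    return {"app": grant_state(app_grants, scope, now),
            "user": grant_state(user_grants, scope, now)}

def effective_scopes(app_grants, user_grants, now):
    """Scopes valid for a token: live at the app (global) AND the user level."""
    candidates = {g.scope for g in app_grants} & {g.scope for g in user_grants}
    return {s for s in candidates
            if set(explain(app_grants, user_grants, s, now).values()) == {"ok"}}

# Constructed sample data (not real account state).
NOW = datetime(2024, 1, 1, tzinfo=timezone.utc)
PAST, FUTURE = NOW - timedelta(days=1), NOW + timedelta(days=30)
APP_GRANTS = [
    Grant("LIST_PAYMENT", True),
    Grant("MAKE_DEPOSIT", True, PAST),        # global grant expired
    Grant("PURCHASE_GIFTCARD", True, FUTURE),
    Grant("REVEAL_GIFTCARD", False),          # global grant deactivated
]
USER_GRANTS = [
    Grant("LIST_PAYMENT", True, FUTURE),
    Grant("MAKE_DEPOSIT", True),
    Grant("PURCHASE_GIFTCARD", True, PAST),   # user grant expired
    Grant("REVEAL_GIFTCARD", True),
    Grant("LIST_PURCHASES", True),            # user granted, outside the app ceiling
]

if __name__ == "__main__":
    print(sorted(effective_scopes(APP_GRANTS, USER_GRANTS, NOW)))
```

Of the five scopes the user granted, only `LIST_PAYMENT` survives: every other scope fails at one level or the other, and `explain` reports which.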
Application Scopes
The following is a list of scopes that are available for any application.
| Key | Usage |
|---|---|
| LIST_PAYMENT | Allows access to the user's payment methods and account balance. |
| LIST_PURCHASES | Allows access to the user's purchase history. |
| LIST_OFFERS | Allows access to offers catalog and inventory data. |
| MAKE_DEPOSIT | Allows making a deposit to the user's balance. |
| PURCHASE_GIFTCARD | Allows purchasing a gift card. |
| REVEAL_GIFTCARD | Allows revealing a gift card code for redemption. |
| MANAGE_PAYMENT | Allows making changes to the user's payment methods. |
| REVEAL_VIRTUALCARD | Allows revealing virtual card details. |
| CREATE_VIRTUALCARD | Allows creating a virtual card. |
Get Application Scopes
You can use the getApplicationScopes query to get your account's current application scopes. The query responds with an array of strings listing the scopes that are currently granted.
Query:

```graphql
query getApplicationScopes {
  getApplicationScopes
}
```

Response:

```json
{
  "data": {
    "getApplicationScopes": ["LIST_PAYMENT"]
  }
}
```
Ensure you have the correct permissions to perform certain mutations and queries with the Fluz API.