Scopes Overview
You are able to define what an application can do on an account. This is referred to as application scopes. Scopes represent permissions granted to an application to access specific resources or perform certain actions on behalf of a user. They define the level of access that applications have once they are authenticated.App (Global) Scope Grants
Description: Global scopes are permissions set at an application-wide level by the system administrators through CMS. These define the broadest permissions an application can use. Purpose: Ensures that an application cannot request access to more resources than it is allowed at a maximum, regardless of individual user permissions.User (Individual) Scope Grants
Description: User scopes are permissions granted by individual users, specifying what aspects of their data or functionalities an application can access. Purpose: Provides users control over their data and limits applications to access only what is necessary and explicitly permitted by the user.Valid Scope Requirements
This is checked during generateUserAccessToken. For an application’s scope to be considered active and valid: Both Grants Must Be Active: The permission must be granted both at the global level (by administrators/system) and at the individual user level. Non-expired Grants: Both the global and user grants must be current and not expired. An expired grant will automatically revoke the application’s access to the specified resources.Application Scopes
The following is a list of scopes that are available for any application.Get Application Scopes
You can use thegetApplicatonScopes query to get your account’s current application scopes. The query will respond with an array of strings stating what scope is currently granted.