The following macros are not currently supported in the header:
  • style

Scope

Owned by Kurt Wagner (Unlicensed)
Last updated: Oct 11, 2013Version comment

Introduction to request scopes

A scope is used to convey what permissions your application requires when requesting permission from the end-user. Once an access token is issued you cannot change the scope without recreating another grant request because the end-user has only permitted your application access within the bounds of the scope. You should see the scope as an agreement between your application and the end-user. The scope is presented to the end-user on grant request, and only if they agree to provide access will you receive the credentials required to subsequently acquire access.

Syntax

A scope's format is very similar to the _fields parameter. It may contain up to two parent keys (operations): read or write, and within defines the resources permitted with the operation.

Current available scopes are:

  • read(all) - Read only access to all data the user owns or has access to including personal information, and
  • write(all) - Read and write access to all data the user owns or has access to including personal information.
  • read({resource}) - Read only access to data related to the {resource} object.
  • write({resource}) - Read and write access to data related to the {resource} object.

Scope resources can be any of our endpoints. The scope can be concatenated and delimited by a comma. For example:

  • read(all),write(companies,contacts) - read all information and write to only companies and contacts.
  • write(contacts,issues) - Read and write access to contact and issue data.