Scope (List of permissions) – is an action or set of actions in the name of the user that is available for integration via oAuth protocol.
At the moment permissions are divided into two parts:
- Data of the account with given User rights – all methods of API are accessible, except methods that work with Notification Center
- Notification Center
At the moment we decided to simplify the system of access and the main part of the API methods can be found in one and only scope – Data of the account.
At the moment an integration can be installed only by the administrator of the account, that’s why an integration gets the rights of the administrator while working with the account, but will have a limitation private methods requests, that are connected with the rights of the users, account, and billing.
If you didn’t choose access to the Notification Center when creating an application and users already gave your integration limited access scope and after that, you edited the scope in the integration settings to make it full rights, users that had limited scope will continue to work in a limited scope. To acquire the new scope from the same users you will need to ask for permission from them again.
Maybe in the future, we will divide the scope account data into separate parts. For example, access to the private methods of API will be limited (methods that you cannot find in the documentation), for them a separate scope will be required and for integrations, with already installed access new access will be added automatically, but we will still be able and will have full rights to limit and decline access for some integrations.