Permissions

Permissions in the Investment API are modelled as OAuth 2.0 scopes.

We group related endpoints in the Investment API into a {topic}, and each individual scope grants you permission to perform a set of {action}s within that {topic}. The available {topic}s and {action}s are described below.

Scopes are specified as string IDs, in the format {topic}:{action}.

If you need a particular scope to access a group of functionality in the Investment API, you must specify it when requesting the OAuth 2.0 access token.

INFO
It is strongly recommended to limit the number of permissions per access token to the absolute minimum necessary.

Topics

The following {topic}s are available:

Actions

There are two {action}s available:

  • admin: Allows read-and-write access to the resources covered by the {topic}. In most (but not all!) cases, writing includes create, update and delete operations.

  • read: Allows read-only access to the resources covered by the {topic}.

NOTE
  • Only those {topic} × {action} combinations that cover actual API endpoints or operations are available.
  • {topic}:admin only includes update and/or delete if any corresponding API endpoints and operations are available.
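The following added example (not part of the Investment API documentation or its SDKs) shows one way to keep token requests at the minimum: it builds the smallest scope string for a set of needs and audits an already granted scope string for excess permissions. The topic names `accounts`, `orders` and `reports` are constructed placeholders, the space-delimited scope string follows the standard OAuth 2.0 `scope` parameter, and the code does not check whether a given combination actually exists in the API.

```python
# Added example: least-privilege check for {topic}:{action} scope IDs.
# Topic names ("accounts", "orders", "reports") are constructed placeholders.

ACTIONS = ("read", "admin")  # the two actions described on this page


def parse_scope(scope):
    """Split a '{topic}:{action}' scope ID; reject anything malformed."""
    topic, sep, action = scope.partition(":")
    if not sep or not topic or action not in ACTIONS:
        raise ValueError(f"malformed scope: {scope!r}")
    return topic, action


def minimal_scopes(needs):
    """needs maps topic -> True if writes are required, False if read-only.
    Returns the smallest scope set as a space-delimited string."""
    return " ".join(
        f"{topic}:{'admin' if writes else 'read'}"
        for topic, writes in sorted(needs.items())
    )


def audit(granted, needs):
    """Compare a granted scope string against what the client really needs."""
    best = {}
    for scope in granted.split():
        topic, action = parse_scope(scope)
        # admin is read-and-write, so it supersedes read for the same topic
        if action == "admin" or topic not in best:
            best[topic] = action
    excessive, missing = [], []
    for topic, action in sorted(best.items()):
        if topic not in needs:
            excessive.append(f"{topic}:{action}")  # topic never used
        elif action == "admin" and not needs[topic]:
            excessive.append(f"{topic}:admin")  # read would suffice
    for topic, writes in sorted(needs.items()):
        if topic not in best or (writes and best[topic] != "admin"):
            missing.append(f"{topic}:{'admin' if writes else 'read'}")
    return {"excessive": excessive, "missing": missing}


if __name__ == "__main__":
    needs = {"orders": True, "accounts": False}  # constructed sample
    print(minimal_scopes(needs))
    print(audit("accounts:admin orders:admin reports:read", needs))
```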

TIP

A full list of available OAuth 2.0 scopes is available for you to inspect.

