API status

Permissions

Permissions in the Investment API are modelled as OAuth 2.0 scopes.

We consider related endpoints in the Investment API to be a {topic} and each individual scope grants you permission to perform a set of {action}s in that "topic". The available {topic}s and {action}s are described below.

Scopes are specified as string IDs, in the format {topic}:{action}.

If you need a particular scope to access a group of functionality in the Investment API, you must specify them when requesting the OAuth 2.0 access token.

Topics

The following {topic}s are available:

Actions

There are two {action}s available:

  • admin: Allows read-and-write access to the resources covered by the {topic}. In most (but not all!) cases, writing includes create, update and delete operations.

  • read: Allows read-only access to the resources covered by the {topic}.

  • Only those {topic} × {action} combinations are available, which cover actual API endpoints or operations.
  • {topic}:admin only includes update and/or delete if any corresponding API endpoints and operations are available.

A full list of available OAuth 2.0 scopes is available for you to inspect.