Scopes
When the client requests an OAuth 2.0 access token, the requests must specify the desired scopes (that is, the permissions) of the access token. Many of AppDirect's scopes correspond to roles associated with marketplace users. When requesting user-level access tokens, ensure that the user's AppDirect user role(s) correspond to the scope specified in the request.
The table below describes all AppDirect scopes and which grant types the scopes are valid for.
| Scope name | Description | Supported grant types |
|---|---|---|
| ROLE_USER | Allows access as an end user in the company associated with an API call. | Authorization Code, Implicit, Password |
| ROLE_BILLING_ADMIN | Allows access as a Billing Admin for the company associated with an API call. | Authorization Code, Implicit, Password |
| ROLE_SYS_ADMIN | Allows access as a Company Admin for the company associated with an API call. | Authorization Code, Implicit, Password |
| ROLE_RESELLER | Allows access as a Reseller for the company associated with an API call. | Authorization Code, Implicit, Password |
| ROLE_SALES_SUPPORT | Allows access as a Sales Support agent for the marketplace. | Authorization Code, Implicit, Password |
| ROLE_CHANNEL_SUPPORT | Allows access as a Customer Support agent for the marketplace. | Authorization Code, Implicit, Password |
| ROLE_CHANNEL_PRODUCT_SUPPORT | Allows access as a Product Support agent for the marketplace. | Authorization Code, Implicit, Password |
| ROLE_CHANNEL_ADMIN | Allows access as a Marketplace Manager for the marketplace. | Authorization Code, Implicit, Password |
| ROLE_CORPORATE_ADMIN | Allows access as a Network Manager for the marketplace. | Authorization Code, Implicit, Password |
| ROLE_DEVELOPER | Allows access as a Developer for the user associated with an API call. | Authorization Code, Implicit, Password |
| ROLE_PARTNER_READ | Allows access to read all marketplace data. | Client Credentials |
| ROLE_PARTNER | Allows access to read and write all marketplace data. | Client Credentials |
| openid | Requests that the ID token be returned from the token endpoint for SSO. Used in OpenID Connect SSO flow. | Authorization Code, Implicit, Password |
| profile | API client can retrieve profile data about the user such as first name and last name. Used in OpenID Connect SSO flow. | Authorization Code, Implicit, Password |
| API client can retrieve a user’s email address. Used in OpenID Connect SSO flow. | Authorization Code, Implicit, Password |
Was this page helpful?
Tell us more…
Help us improve our content. Responses are anonymous.
Thanks
We appreciate your feedback!