OAuth Scopes
Understanding permission scopes
Scopes let you specify exactly what type of access you need from Signeasy users. Scopes limit access for OAuth access tokens. They do not grant any additional permission beyond that which the user already has.
When authorizing a Signeasy oauth app, requested scopes are displayed to the user on the authorization form.
Available Scopes
| Scope | Resource | Description |
|---|---|---|
user:read | User | Grants read access to profile & account information of the user. |
files:read | Files | Grants read access to all types of files - original, pending, draft and signed. |
original:read | Original Documents | Grants read access to only the original documents of the user. |
original:create | Original Documents | Grants access to import new original documents to the user's account. |
original:update | Original Documents | Grants access to make changes to the original documents of the user. |
signed:read | Signed Documents | Grants read access to all signed documents of the user. This includes documents that are self-signed and signed via the Request Signature feature. |
signed:create | Signed Documents | This scope is required for Embedded Sending, to open an original document to self-sign or send for signature (Request Signature). |
signed:update | Signed Documents | Grants access to actions like rename and delete to the signed documents of the user. |
rs:read | Request Signatures | Grants access to all the pending signature requests of the user. |
rs:create | Request Signatures | This scope is required to initiate new signature requests on behalf of the user. |
rs:update | Request Signatures | Grants access to actions like remind and void for all signature requests of the user. |
rs:signingurl | Request Signatures | This scope is required for Embedded Signing, to get the signing links of a document in a signature request. |
template:manage | Templates | Grants read, list, rename and delete access to all the templates of the user. |
webhooks:manage | Webhooks | Grants access to read, update and create webhook URLs of the user. |
offline_access | Refresh Token | Grants access to a user's resources when the user is not present. In the Authorization Code Flow, you must include this scope to receive the refresh_token along with the access_token. |
In the case of Authorization code flow, an oauth application can request for any of the scopes mentioned. The grant request page presented to the user will list each of the scopes with the description of the scope being requested by the application.
An example grant request page.
Updated over 2 years ago
What’s Next
All the API endpoints