OAuth Scopes

Understanding permission scopes

Scopes let you specify exactly what type of access you need from Signeasy users. Scopes limit access for OAuth access tokens. They do not grant any additional permission beyond that which the user already has.

When authorizing a Signeasy oauth app, requested scopes are displayed to the user on the authorization form.

Available Scopes

Scope

Resource

Description

user:read

User

Grants read access to profile & account information of the user.

files:read

Files

Grants read access to all types of files - original, pending, draft and signed.

original:read

Original Documents

Grants read access to only the original documents of the user.

original:create

Original Documents

Grants access to import new original documents to the user's account.

original:update

Original Documents

Grants access to make changes to the original documents of the user.

signed:read

Signed Documents

Grants read access to all signed documents of the user. This includes documents that are self-signed and signed via the Request Signature feature.

signed:create

Signed Documents

This scope is required for Embedded Sending, to open an original document to self-sign or send for signature (Request Signature).

signed:update

Signed Documents

Grants access to actions like rename and delete to the signed documents of the user.

rs:read

Request Signatures

Grants access to all the pending signature requests of the user.

rs:create

Request Signatures

This scope is required to initiate new signature requests on behalf of the user.

rs:update

Request Signatures

Grants access to actions like remind and void for all signature requests of the user.

rs:signingurl

Request Signatures

This scope is required for Embedded Signing, to get the signing links of a document in a signature request.

template:manage

Templates

Grants read, list, rename and delete access to all the templates of the user.

webhooks:manage

Webhooks

Grants access to read, update and create webhook URLs of the user.

offline_access

Refresh Token

Grants access to a user's resources when the user is not present.

In the Authorization Code Flow, you must include this scope to receive the refresh_token along with the access_token.

In the case of Authorization code flow, an oauth application can request for any of the scopes mentioned. The grant request page presented to the user will list each of the scopes with the description of the scope being requested by the application.

3578

An example grant request page.


What’s Next

All the API endpoints