OAuth Scopes

Understanding permission scopes

Scopes let you specify exactly what type of access you need from Signeasy users. Scopes limit access for OAuth access tokens. They do not grant any additional permission beyond that which the user already has.

When a user authorizes a Signeasy OAuth app, the requested scopes are displayed on the authorization form.

Available Scopes

| Scope | Resource | Description |
| --- | --- | --- |
| user:read | User | Grants read access to profile & account information of the user. |
| files:read | Files | Grants read access to all types of files - original, pending, draft and signed. |
| original:read | Original Documents | Grants read access to only the original documents of the user. |
| original:create | Original Documents | Grants access to import new original documents to the user's account. |
| original:update | Original Documents | Grants access to make changes to the original documents of the user. |
| signed:read | Signed Documents | Grants read access to all signed documents of the user. This includes documents that are self-signed and signed via the Request Signature feature. |
| signed:create | Signed Documents | This scope is required for Embedded Sending, to open an original document to self-sign or send for signature (Request Signature). |
| signed:update | Signed Documents | Grants access to actions like rename and delete to the signed documents of the user. |
| rs:read | Request Signatures | Grants access to all the pending signature requests of the user. |
| rs:create | Request Signatures | This scope is required to initiate new signature requests on behalf of the user. |
| rs:update | Request Signatures | Grants access to actions like remind and void for all signature requests of the user. |
| rs:signingurl | Request Signatures | This scope is required for Embedded Signing, to get the signing links of a document in a signature request. |
| template:manage | Templates | Grants read, list, rename and delete access to all the templates of the user. |
| webhooks:manage | Webhooks | Grants access to read, update and create webhook URLs of the user. |
| offline_access | Refresh Token | Grants access to a user's resources when the user is not present. In the Authorization Code Flow, you must include this scope to receive the refresh_token along with the access_token. |

In the Authorization Code Flow, an OAuth application can request any of the scopes listed above. The grant request page presented to the user lists each scope the application is requesting, along with that scope's description.

An example grant request page.
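
The following Python is an added example, not Signeasy's code: it audits a scope string against the scope table on this page before the string goes into an authorization request, reporting unrecognized scopes, scopes beyond what the integration uses, write-capable scopes and `offline_access`. It assumes the scope parameter is space-delimited as in RFC 6749; `audit_scopes`, the `files:read` overlap mapping (inferred from the table's descriptions) and the sample request are hypothetical.

```python
"""Least-privilege audit of an OAuth scope request against this page's scope table."""

# Scope names copied from the table on this page.
KNOWN = {
    "user:read", "files:read", "original:read", "original:create",
    "original:update", "signed:read", "signed:create", "signed:update",
    "rs:read", "rs:create", "rs:update", "rs:signingurl",
    "template:manage", "webhooks:manage", "offline_access",
}
# Per the table, files:read reads every file type, so it overlaps these
# narrower read scopes (assumption: overlap inferred from the descriptions).
BROAD = {"files:read": {"original:read", "signed:read"}}
WRITE_SUFFIXES = (":create", ":update", ":manage")


def audit_scopes(scope_param, needed):
    """Compare a requested scope string with the scopes the app needs.

    scope_param: space-delimited scope string (RFC 6749 format, assumed).
    needed: iterable of scope names the integration actually uses.
    """
    requested = set(scope_param.split())
    needed = set(needed)
    report = {
        "unknown": sorted(requested - KNOWN),           # typos or stale names
        "excess": sorted((requested & KNOWN) - needed),  # requested, not used
        "missing": sorted(needed - requested),           # used, not requested
        "write": sorted(s for s in requested if s.endswith(WRITE_SUFFIXES)),
        "notes": [],
    }
    for broad, narrow in BROAD.items():
        overlap = sorted(requested & narrow)
        if broad in requested and overlap:
            report["notes"].append(f"{broad} overlaps {', '.join(overlap)}")
    if "offline_access" in requested:
        report["notes"].append(
            "offline_access: refresh_token issued, access continues "
            "when the user is not present")
    return report


if __name__ == "__main__":
    # Constructed request for an app that only sends signature requests.
    sample = ("user:read files:read original:read rs:create "
              "offline_access file:write")
    needs = ["user:read", "original:read", "rs:create"]
    for key, value in audit_scopes(sample, needs).items():
        print(f"{key}: {value}")
```
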

