DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS /// DOCS

API·CONCEPTS·SCOPES PERMISSIONS

Scopes & permissions

Scopes are space-separated capabilities attached to an API key.

The grammar

Scopes follow <resource>:<action>:

Scope	Grants
`tables:read`	List tables, get one table, list records, get one record
`tables:write`	Create, update, delete records
`pages:read`	List pages, get one page
`skills:read`	List skills, get one skill
`tasks:read`	List tasks, get one task

How checks happen

Every endpoint declares the scope(s) it requires. A request is allowed only if the key carries all required scopes. Mismatch → 403 forbidden.

Minting tight keys

When you create a key, grant only the scopes the integration actually needs. A reporting script that only reads tasks only needs tasks:read — don't add tables:write "just in case." Tighter keys make leaks less damaging.