Overview

All endpoints you can call in Workflow API require one or more specific scopes to be present in the access token, depending on the nature of endpoint and the data it operates against. Each individual scope can be considered to be a form of access privilege granting specific access to specific type or group of data; in much the same way when an user account has specific privileges assigned to it such as ability to administer a Workflow board (for instance).

During authentication and authorization phase when obtaining access tokens, Applixure Authentication Server is requested to assign number of scopes for the generated access token that then limits what operations that access token is allowed to perform. These scopes then has to be based or limited by the powers and privileges assigned to what ever authentication primitive was used to request that access token - in case of Applixure Workflow either user account's role assignments for Workflow Account and Board or API key's set of allowable scopes i.e. permissions.

Scopes supported by Workflow are generally divided between read and read/write ("manage") rights for different categories of object types supported by Applixure Workflow. With only read scopes only reading of such data is allowed, while with manage scopes changes - including creation and deletion - are also allowed.

Currently supported scopes for Workflow