Scopes

Scopes are a way to add permissions and rbac to your API. For example, you can create a scope called profile. That way when you create an API key for a user, you can assign the profile scope along with access like read, create, update, and delete.

​

Creating a Scope

There are two ways to create a scope.

​

Using the Dashboard

You can create a scope in the dashboard

​

Using the API

You can create a scope using the API or SDK. See how you can create a scope using the Create Scope API:

​

Using Scopes

You can easily add permissions to your API endpoints by adding scopes in Verify Request endpoint. This way, only the API keys with the required scopes will be considered VALID and can access your endpoint.

​

Considerations

• Scopes are associated with a Workspace.
• Scopes are free-form, meaning you can create a scope name panda without any meaning
• Scopes created on a workspace are then available to be added to an API key created under that workspace