API Key grants are used to limit the permissions of an issued API Key. Each API includes a list of which grants allow that action to be performed.
Unlike OAuth 2.0 access scopes, API Key grants are not product-specific.
Grants contain increasing levels of permissions with Read being the least permission, and Admin being the greatest. If a parent grant is given, all children permissions are included. For example, requesting DocumentEdit includes all permissions given in DocumentRead, etc.
| Grant | Description |
|---|---|
| DocumentRead | View and download any of your own documents. |
| DocumentEdit | Create, view, edit, and delete any of your own documents. |
| DocumentAdmin | Search documents across your account. |
| FolderRead | View any of your own folders and list their contents. |
| FolderEdit | Create, edit, share, and delete any of your own folders. Organize your folders and their contents. |
| FolderAdmin | Search folders across your account. |
| User | View basic information about you (e.g., full name, username, and email). |
| AccountRead | View basic information about your account (e.g., account ID and account name). View basic information about users on your account. |
| AccountEdit | Create, edit, and delete users on your account. |
| LegalHoldRead | View legal holds on your account. View which users have legal holds. View which documents are under legal hold. |
| LegalHoldEdit | Create, edit, and delete legal holds on your account. Add or remove users from a legal hold. |