API Key grants are used to limit the permissions of an issued API Key. Each API includes a list of which grants allow that action to be performed.
Unlike OAuth 2.0 access scopes, API Key grants are not product-specific.
Grants contain increasing levels of permissions with Read
being the least permission, and Admin
being the greatest. If a parent grant is given, all children permissions are included. For example, requesting DocumentEdit
includes all permissions given in DocumentRead
, etc.
Grant | Description |
---|---|
DocumentRead | View and download any of your own documents. |
DocumentEdit | Create, view, edit, and delete any of your own documents. |
DocumentAdmin | Search documents across your account. |
FolderRead | View any of your own folders and list their contents. |
FolderEdit | Create, edit, share, and delete any of your own folders. Organize your folders and their contents. |
FolderAdmin | Search folders across your account. |
User | View basic information about you (e.g., full name, username, and email). |
AccountRead | View basic information about your account (e.g., account ID and account name). View basic information about users on your account. |
AccountEdit | Create, edit, and delete users on your account. |
LegalHoldRead | View legal holds on your account. View which users have legal holds. View which documents are under legal hold. |
LegalHoldEdit | Create, edit, and delete legal holds on your account. Add or remove users from a legal hold. |