Scopes

The following section lists the available scopes which partner applications can request when registering their OAuth clients with Tapkey.

All the scopes below are available for the grant types supported by Tapkey. To lean about the supported grant types, head to the Authorization Options for OAuth Apps page.

Each individual scope will give your application access to a set of operations in the Tapkey Management API. Head to the Operations section to check the endpoints available and which scopes they require.

Note that the Tapkey Mobile SDK requires certain special scopes listed at the bottom of this page.

General

Bound Locks, Cards and Contacts (Core Entities)

Scope identifier Access Level Description
read:core:entities Read-only Allows to view NFC transponders, locks and smartphone users.
write:core:entities Read and write Allows to manage NFC transponders, locks and smartphone users.

Grants

Scope identifier Access Level Description
read:grants Read-only Allows to list grants.
write:grants Read and write Allows to add and revoke grants.

Identity Provider Users

Scope identifier Access Level Description
read:ip:users Read-only Read access to users from external identity providers.
write:ip:users Read and write Allows to manage users from external identity providers.

Logs

Scope identifier Access Level Description
read:logs Read-only Read access to logs of locks.

Owner Accounts

Scope identifier Access Level Description
read:owneraccounts Read-only Allows to view owner accounts.
write:owneraccounts Read and write Allows to manage owner accounts.

Permissions

Scope identifier Access Level Description
read:owneraccount:permissions Read-only Allows to view owner account admins.
write:owneraccount:permissions Read and write Allows to manage owner account admins.

Only For Token Exchange Clients

The following scopes are only available on OAuth clients of the Token Exchange grant type. They are required for logging in and working with users within the Tapkey Mobile SDK.

Keys

Scope identifier Access Level Description
handle:keys Handle Allows to recieve and handle mobile keys.

Mobiles

Scope identifier Access Level Description
register:mobiles Register Allows to register new mobile device.

Users

Scope identifier Access Level Description
read:users Read-only Allows to view user data.