Florality
FeaturesPricingSecurityFAQAbout
Sign upSign in
Public REST APIv1

REST reference & guides

Public REST APIv1

REST reference & guides

Get started

  • Overview
  • Authentication
  • Scopes
  • Errors

API reference

  • Members
  • Groups
  • Entries
  • Front
  • Appearance
  • Custom fields
  • Trash
  • Search
  • Member statuses
  • Systems
  • Messaging
  • Privacy buckets
  • Terminology
  • Friends
  • Subscriptions
  • Billing
  • Import
  • Social
  • Guestbook & poll
  • Group layout
  • Activity
  1. Documentation
  2. Scopes
API keys
Florality

Organise your system. One front at a time.

Get startedSign in

Product

  • Features
  • Pricing
  • Public REST API
  • Security

Company

  • About
  • Our team
  • Changelog
  • Contact

Resources

  • FAQ
  • Trust & Safety
  • Privacy Policy
  • Terms of Service
  • Refunds and cancellation

© 2026 Florality. All rights reserved.

Privacy·Terms·

Scopes

Each key sets every resource to No access, Read, or Read + Write (none, read, read_write). There are no wildcards or omitted keys.

Manage keys under Settings → API keys; edit scopes per key on its scopes page.

Access levels

  • none: no access for that resource
  • read: read-only operations
  • read_write: read and write (includes read)

Resource keys

New scope keys may be added over time. Keys without a stored value for a resource default to none.

Scope pages do not define HTTP response bodies. For JSON examples of successful API calls and FORBIDDEN scope errors, see Members, Groups & folders, Entries, Front, Appearance, Custom fields, Trash, Search, Subscriptions, Activity, Member statuses, Systems, Messaging, Privacy buckets, Terminology, Friends, Billing, Import.

Some scopes are read-only on public REST today: granting read_write does not unlock extra routes until write endpoints exist. Examples: billing (entitlements and plan usage only; Stripe checkout stays in-app), subscriptions, search, activity.

groups and directories share one effective scope for /api/v1/groups (member collections and folder tree). Authorization uses the effective level: the higher of the two stored values. In the dashboard, one control (Groups & folders) updates both keys.

Scope keyLabel
membersMembers
groupsGroups & folders
directoriesGroups (legacy alias)
entriesEntries
frontFront / fronters
appearanceAppearance
customFieldsCustom fields
trashTrash
searchSearch
subscriptionsSubscriptions
activityActivity
memberStatusesMember statuses
systemsSystems
messagingMessaging
privacyBucketsPrivacy buckets
terminologyTerminology
friendsFriends
billingBilling
importImport
socialSocial profile
guestbookGuestbook
pollPoll
groupLayoutGroup layout