Scopes
Each key sets every resource to No access, Read, or Read + Write (none, read, read_write). There are no wildcards or omitted keys.
Manage keys under Settings → API keys; edit scopes per key on its scopes page.
Access levels
none: no access for that resourceread: read-only operationsread_write: read and write (includes read)
Resource keys
New scope keys may be added over time. Keys without a stored value for a resource default to none.
Scope pages do not define HTTP response bodies. For JSON examples of successful API calls and FORBIDDEN scope errors, see Members, Groups & folders, Entries, Front, Appearance, Custom fields, Trash, Search, Subscriptions, Activity, Member statuses, Systems, Messaging, Privacy buckets, Terminology, Friends, Billing, Import.
Some scopes are read-only on public REST today: granting read_write does not unlock extra routes until write endpoints exist. Examples: billing (entitlements and plan usage only; Stripe checkout stays in-app), subscriptions, search, activity.
groups and directories share one effective scope for /api/v1/groups (member collections and folder tree). Authorization uses the effective level: the higher of the two stored values. In the dashboard, one control (Groups & folders) updates both keys.
| Scope key | Label |
|---|---|
members | Members |
groups | Groups & folders |
directories | Groups (legacy alias) |
entries | Entries |
front | Front / fronters |
appearance | Appearance |
customFields | Custom fields |
trash | Trash |
search | Search |
subscriptions | Subscriptions |
activity | Activity |
memberStatuses | Member statuses |
systems | Systems |
messaging | Messaging |
privacyBuckets | Privacy buckets |
terminology | Terminology |
friends | Friends |
billing | Billing |
import | Import |
social | Social profile |
guestbook | Guestbook |
poll | Poll |
groupLayout | Group layout |
