Scopes
Scopes control which endpoints and operations a Web API token can access.
snapshots:read
Read access to Snapshot survey data, teams, tags, and related reference data.
| Method | Endpoint | Description |
|---|---|---|
| GET | snapshots.list |
List all completed Snapshots |
| GET | snapshots.info |
Get detailed results for a Snapshot |
| GET | snapshots.driverComments.list |
List driver (sentiment) comments |
| GET | snapshots.csatComments.list |
List CSAT comments |
| GET | teams.list |
List teams |
| GET | teams.info |
Get team details |
| GET | teams.findByMembers |
Find a team by its members |
| GET | teams.auditTrail |
Get team audit trail |
| GET | users.findByGithubUsername |
Find a user by GitHub username |
snapshots:admin
Elevated Snapshot access: export raw data files and manage org-structure imports. The snapshots:read scope is also required for all endpoints below.
| Method | Endpoint | Description |
|---|---|---|
| GET | snapshots.getFile |
Download a completed Snapshot as an Excel file |
| POST | orgfiles.teamHierarchy.process |
Process and import a team hierarchy |
| POST | orgfiles.teamHierarchy.preview |
Preview a team hierarchy import without applying it |
| GET | orgfiles.teamHierarchy.get |
Get the status or result of a team hierarchy import |
catalog:read
Read access to the Software Catalog — entities, types, relations, and properties.
| Method | Endpoint | Description |
|---|---|---|
| GET | catalog.entities.list |
List Catalog entities |
| GET | catalog.entities.info |
Get details for a Catalog entity |
| GET | catalog.entities.scorecards |
List Scorecards associated with an entity |
| GET | catalog.entities.tasks |
Get initiative tasks for an entity |
| GET | catalog.entityTypes.list |
List entity types |
| GET | catalog.entityTypes.info |
Get details for an entity type |
| GET | catalog.relations.list |
List relation definitions |
| GET | catalog.relations.info |
Get details for a relation definition |
| GET | catalog.relationEdges.list |
List relation edges between entities |
catalog:write:entities
Write access to Catalog entities, types, and relations.
| Method | Endpoint | Description |
|---|---|---|
| POST | catalog.entities.create |
Create a new entity |
| POST | catalog.entities.update |
Update an existing entity |
| POST | catalog.entities.upsert |
Create or update an entity |
| POST | catalog.entities.delete |
Delete an entity |
| POST | catalog.entityTypes.create |
Create a new entity type |
| POST | catalog.entityTypes.update |
Update an existing entity type |
| POST | catalog.entityTypes.delete |
Delete an entity type |
| POST | catalog.relations.create |
Create a new relation definition |
| POST | catalog.relations.update |
Update a relation definition |
| POST | catalog.relations.delete |
Delete a relation definition |
| POST | catalog.relationEdges.add |
Add a relation edge between two entities |
| POST | catalog.relationEdges.bulkUpsert |
Bulk-add or update relation edges |
| POST | catalog.relationEdges.remove |
Remove a relation edge |
scorecards:read
Read access to Scorecards and Initiatives.
| Method | Endpoint | Description |
|---|---|---|
| GET | scorecards.list |
List Scorecards |
| GET | scorecards.info |
Get details for a Scorecard |
| GET | initiatives.list |
List Initiatives |
| GET | initiatives.info |
Get details for an Initiative |
| GET | initiatives.progressReport |
Get an Initiative progress report |
scorecards:write
Write access to Scorecard definitions. Requires Data Studio access in addition to this scope.
| Method | Endpoint | Description |
|---|---|---|
| POST | scorecards.create |
Create a new Scorecard |
| POST | scorecards.update |
Update an existing Scorecard |
| POST | scorecards.delete |
Delete a Scorecard |
workflows:read
Read access to Self-Service Workflows.
| Method | Endpoint | Description |
|---|---|---|
| GET | workflows.list |
List available Workflows |
| GET | workflowRuns.info |
Get details for a Workflow Run |
workflowRuns:trigger
Permission to trigger Self-Service Workflow runs.
| Method | Endpoint | Description |
|---|---|---|
| POST | workflowRuns.trigger |
Start a new Workflow Run |
workflowRuns:writeEvents
Permission to post events and status updates into a running Workflow Run.
| Method | Endpoint | Description |
|---|---|---|
| POST | workflowRuns.postMessage |
Post a message to a Workflow Run |
| POST | workflowRuns.addLink |
Add a link to a Workflow Run |
| POST | workflowRuns.changeStatus |
Change the status of a Workflow Run |
platformx:manage
Manage PlatformX projects.
| Method | Endpoint | Description |
|---|---|---|
| GET | platformx.projects.list |
List PlatformX projects (paginated) |
| POST | platformx.projects.create |
Create a PlatformX project |
userGroups:read
Read access to Frontline user groups.
| Method | Endpoint | Description |
|---|---|---|
| GET | userGroups.list |
List Frontline user groups |
| GET | userGroups.get |
Get details for a Frontline user group |
userGroups:write
Write access to Frontline user groups.
| Method | Endpoint | Description |
|---|---|---|
| POST | userGroups.create |
Create a Frontline user group |
| POST | userGroups.update |
Update a Frontline user group |
| POST | userGroups.delete |
Delete a Frontline user group |
users:read
Read access to user profiles.
| Method | Endpoint | Description |
|---|---|---|
| GET | users.list |
List all users with profile and team details |
users:write
Write access to user profiles and custom attributes.
| Method | Endpoint | Description |
|---|---|---|
| POST | users.update |
Update a user’s profile (email, start date, source system usernames, etc.) |
| POST | users.attributes.update |
Upsert custom user attribute values |
teams:manage
Permission to manage org-structure files. The snapshots:read scope is also required.
| Method | Endpoint | Description |
|---|---|---|
| GET | orgfiles.list |
List previously uploaded org CSV files |
| POST | orgfiles.upload |
Upload an org structure CSV file |
accountSettings:read
Read access to account-level configuration.
| Method | Endpoint | Description |
|---|---|---|
| GET | accountSettings.info |
Get SSO/identity-provider configuration and session settings |
apiKeys:read
Read access to organization-level API key records.
| Method | Endpoint | Description |
|---|---|---|
| GET | apiKeys.list |
List organization API keys |
auditLogs:read
Read access to the audit log.
| Method | Endpoint | Description |
|---|---|---|
| GET | auditLogs.list |
Retrieve a paginated list of audit log entries |
datacloud:query
Permission to execute queries against your raw engineering data. Requires Data Studio access in addition to this scope.
| Method | Endpoint | Description |
|---|---|---|
| POST | studio.queryRuns.execute |
Execute a SQL query |
| GET | studio.queryRuns.info |
Get the status of a query run |
| GET | studio.queryRuns.results |
Retrieve results from a completed query run |
studio:reports:read
Read access to Data Studio Reports. Requires Data Studio access in addition to this scope.
| Method | Endpoint | Description |
|---|---|---|
| GET | studio.reports.list |
List Data Studio Reports |
| GET | studio.reports.info |
Get configuration and metadata for a Report |
studio:reports:write
Write access to Data Studio Reports. Requires Data Studio access in addition to this scope.
| Method | Endpoint | Description |
|---|---|---|
| POST | studio.reports.create |
Create a new Data Studio Report |
| POST | studio.reports.update |
Update an existing Report |
| POST | studio.reports.delete |
Delete a Report |