Permalink
Fetching contributors…
Cannot retrieve contributors at this time
94 lines (78 sloc) 2.81 KB
---
parent: authorization
title: permissions
---
# Permissions <%= edit_link %>
A representation of the permissions granted to your app by
<%= settings.site_name.capitalize %> and a User.
<%= partial 'partials/toc' %>
## Obtainable Permissions
Each application is assigned the minimum set of permissions required to operate
based on its given description. To expand your application's set of acquirable
permissions shoot a mail at <<%= settings.api_email %>>.
<table>
<thead>
<tr>
<th>Code</th>
<th>Type</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td><code>public</code></td>
<td>Application</td>
<td>All public resources*</td>
</tr>
<tr>
<td><code>favorites</code></td>
<td>User</td>
<td><%= link_to t('docs.apiv3.favorites'), '/api/v3/favorites' %></td>
</tr>
<tr>
<td><code>notifications</code></td>
<td>User</td>
<td><%= link_to t('docs.apiv3.notifications'), '/api/v3/notifications' %></td>
</tr>
<tr>
<td><code>publish_sku_review_actions</code></td>
<td>User</td>
<td><%= link_to 'Publishing Actions Related to SKU Reviews',
'/api/v3/sku',
anchor: 'retrieve-an-skus-reviews' %></td>
</tr>
<tr>
<td><code>current_user_profile</code></td>
<td>User</td>
<td><%= link_to 'Authorized User Profile', '/api/v3/user' %></td>
</tr>
</tbody>
</table>
<div class="alert alert-warning" role="alert">
<i class="fa fa-exclamation-triangle"></i>
You always have to specify your desired permissions.
</div>
<div class="alert alert-info" role="alert">
<i class="fa fa-info-circle"></i> You may specify desired permissions using the
<a href="/authorization/flows#application-token">
<span class="label label-default">scope</span>
</a>
parameter in authorization requests.
</div>
## Public Resources
Having obtained the public permission you can access the following resources:
* <%= link_to t('docs.apiv3.category'), '/api/v3/category/' %>
* <%= link_to t('docs.apiv3.sku'), '/api/v3/sku/' %>
* <%= link_to t('docs.apiv3.product'), '/api/v3/product/' %>
* <%= link_to t('docs.apiv3.shop'), '/api/v3/shop/' %>
* <%= link_to t('docs.apiv3.manufacturer'), '/api/v3/manufacturer/' %>
* <%= link_to t('docs.apiv3.search'), '/api/v3/search/' %>
* <%= link_to t('docs.apiv3.filter_groups'), '/api/v3/filter_groups/' %>
## User Resources
These permissions require that you have explicitly requested them using
the scope param.
Users consent will be required in order to grant any of those permissions.
You **must not** share these data with 3rd parties.
* <%= link_to t('docs.apiv3.user'), '/api/v3/user/' %>
* <%= link_to t('docs.apiv3.favorites'), '/api/v3/favorites/' %>
* <%= link_to t('docs.apiv3.notifications'), '/api/v3/notifications/' %>