Scopes / Permission

Daftar permission yang tersedia untuk API key API.

Scopes menentukan hak akses API key. Jika sebuah endpoint membutuhkan scope tertentu dan API key tidak memilikinya, request akan ditolak.

Daftar Scopes

AreaScope
Ordersorders:read
Ordersorders:write
Ordersorders:delete
Checkoutcheckout:read
Couponscoupons:read
Couponscoupons:write
Couponscoupons:delete
Productsproducts:read
Productsproducts:write
Productsproducts:delete
Subscriptionssubscriptions:read
Subscriptionssubscriptions:write
Subscriptionssubscriptions:delete
Commissionscommissions:read
Commissionscommissions:write
Commissionscommissions:delete
Affiliatesaffiliates:read
Usersusers:read
Usersusers:write
Usersusers:delete
Sessionssessions:write
User Groupsuser-groups:read
Locationslocations:read
Accessaccess:read
Accessaccess:write
Accessaccess:delete
Remindersreminders:read
Remindersreminders:write
Confirmationsconfirmations:read
Confirmationsconfirmations:write
Confirmationsconfirmations:delete
Paymentspayments:read
Paymentspayments:write
Licenseslicenses:read
Licenseslicenses:write

Contoh Kombinasi Scopes

Integrasi laporan order

text
orders:read
products:read
users:read

Integrasi checkout

text
checkout:read
products:read
coupons:read
orders:write

Integrasi admin produk dan order

text
products:read
products:write
orders:read
orders:write
orders:delete

Dashboard affiliate internal

text
affiliates:read
commissions:read
products:read

Membuat user-session untuk endpoint /me

text
sessions:write

Gunakan scope ini hanya pada API key yang disimpan di backend/internal app, bukan di frontend publik.

Rekomendasi

Gunakan prinsip least privilege: berikan hanya scope yang benar-benar dibutuhkan oleh integrasi.

Last updated Jul 6, 2026