Token Scopes Reference
This page is designed to give you a clear reference of what all of the scopes mean when generating Metadata API access tokens.
It is imperative that you ensure only the scopes necessary for your use case are selected to avoid potential security risks.
Before you proceed
Please note that a Metadata API access token grants access to all workspaces in the instance the token was created.
Each scope offers four different permission settings, as follows.
C (Create)
Create new data defined within this scope
R (Read)
Read data defined within this scope
U (Update)
Update existing data defined within this scope
D (Delete)
Delete data defined within this scope
You can quickly add or remove all permission settings by hovering over them and clicking + or -

Workspace Database
Allows access to the database including table data and schema across all data sources
Workspace Content
Allows access to workspace-wide information such as datasources, branches, basic workspace information and exporting / importing data
Workspace Live Data Source
Allows specific access to the live (production) data source
Workspace API Groups
Allows access to APIs and API groups
Workspace Functions
Allows access to custom functions
Workspace Addons
Allows access to addons
Workspace Tasks
Allows access to tasks
Workspace Files
Allows access to public and private file storage
Workspace Request History
Allows access to your request history
What scopes should I use?
While it's hard to answer this question without specific knowledge of your use case, here are some examples of proper scoping that might make sense.
WeWeb
To use WeWeb's Xano plugin(s), you'll need the following scopes.
Workspace API Groups
WeWeb needs to be able to read information about your API groups and available APIs.
Workspace Content
WeWeb needs to know about your available workspaces.
Monitoring and Logging
For monitoring and logging tools, you might need the following scopes.
Workspace API Groups
For getting specific information about APIs it is monitoring
Workspace Content
General information about your available workspaces.
Workspace Request History
Specific request history data for parsing and logging
Last updated
Was this helpful?