Token Scopes Reference

This page is designed to give you a clear reference of what all of the scopes mean when generating Metadata API access tokens.

It is imperative that you ensure only the scopes necessary for your use case are selected to avoid potential security risks.

Before you proceed

Please note that a Metadata API access token grants access to all workspaces in the instance the token was created.

Each scope offers four different permission settings, as follows.

You can quickly add or remove all permission settings by hovering over them and clicking + or -

Scope

Description

Workspace Database

Allows access to the database including table data and schema across all data sources

Workspace Content

Allows access to workspace-wide information such as datasources, branches, basic workspace information and exporting / importing data

Workspace Live Data Source

Allows specific access to the live (production) data source

Workspace API Groups

Allows access to APIs and API groups

Workspace Functions

Allows access to custom functions

Workspace Addons

Allows access to addons

Workspace Tasks

Allows access to tasks

Workspace Files

Allows access to public and private file storage

Workspace Request History

Allows access to your request history

While it's hard to answer this question without specific knowledge of your use case, here are some examples of proper scoping that might make sense.

To use WeWeb's Xano plugin(s), you'll need the following scopes.

For monitoring and logging tools, you might need the following scopes.

Last updated 2 months ago

Was this helpful?