Skip to main content
This page is designed to give you a clear reference of what all of the scopes mean when generating Metadata API access tokens. It is imperative that you ensure only the scopes necessary for your use case are selected to avoid potential security risks.

Before you proceed

Please note that a Metadata API access token grants access to all workspaces in the instance the token was created. Each scope offers four different permission settings, as follows.
  • C (Create)
    • Create new data defined within this scope
  • R (Read)
    • Read data defined within this scope
  • U (Update)
    • Update existing data defined within this scope
  • D (Delete)
    • Delete data defined within this scope
You can quickly add or remove all permission settings by hovering over them and clicking + or -
ScopeDescription
Workspace DatabaseAllows access to the database including table data and schema across all data sources
Workspace ContentAllows access to workspace-wide information such as datasources, branches, basic workspace information and exporting / importing data
Workspace Live Data SourceAllows specific access to the live (production) data source
Workspace API GroupsAllows access to APIs and API groups
Workspace FunctionsAllows access to custom functions
Workspace AddonsAllows access to addons
Workspace TasksAllows access to tasks
Workspace FilesAllows access to public and private file storage
Workspace Request HistoryAllows access to your request history

What scopes should I use?

While it’s hard to answer this question without specific knowledge of your use case, here are some examples of proper scoping that might make sense.

WeWeb

To use WeWeb’s Xano plugin(s), you’ll need the following scopes.
ScopeCRUDWhy?
Workspace API Groups✅️WeWeb needs to be able to read information about your API groups and available APIs.
Workspace Content✅️WeWeb needs to know about your available workspaces.

Monitoring and Logging

For monitoring and logging tools, you might need the following scopes.
ScopeCRUDWhy?
Workspace API Groups✅️For getting specific information about APIs it is monitoring
Workspace Content✅️General information about your available workspaces.
Workspace Request History✅️Specific request history data for parsing and logging
I