Understanding scopes Praxis Desk Kasse
Scopes are permissions that define which data an API access credential can read or modify. You assign scopes when creating an API access credential.
Available scopes
| Scope | Label | Description |
|---|---|---|
full_access | Full access | Access to all areas. Can only be granted by company owners. |
appointments | Appointments | Read appointments |
customers | Customers | Read, create, and edit customers |
services | Services | Read services |
company | Company | Read the company profile |
locations | Locations | Reserved for future features |
users | Staff | Reserved for future features |
medicals | Medical fee services | Read, create, and edit medical fee services |
Recommendation
Always grant only the permissions an application actually needs. If an application only reads appointments, the appointments scope is enough — full access is not necessary.
This principle of least privilege protects your data: if an API access credential ends up in the wrong hands, the potential damage is limited.
Related articles
- Set up API access
- Manage API access
- API reference: Scopes — Technical details for developers