Skip to content

Understanding scopes Praxis Desk Kasse

Scopes are permissions that define which data an API access credential can read or modify. You assign scopes when creating an API access credential.

Available scopes

ScopeLabelDescription
full_accessFull accessAccess to all areas. Can only be granted by company owners.
appointmentsAppointmentsRead appointments
customersCustomersRead, create, and edit customers
servicesServicesRead services
companyCompanyRead the company profile
locationsLocationsReserved for future features
usersStaffReserved for future features
medicalsMedical fee servicesRead, create, and edit medical fee services

Recommendation

Always grant only the permissions an application actually needs. If an application only reads appointments, the appointments scope is enough — full access is not necessary.

This principle of least privilege protects your data: if an API access credential ends up in the wrong hands, the potential damage is limited.

Offisy GmbH