Principle of Least Privilege — Only request scopes that are essential for your app’s core functionality. You can always request additional permissions later if needed.
| Scope | Description |
|---|
forms:read | Read form configurations, fields, and settings |
forms:write | Create and update forms |
forms:delete | Delete forms |
Submissions
| Scope | Description |
|---|
submissions:read | Read form submissions and responses |
submissions:write | Update submission data |
submissions:delete | Delete form submissions |
| Scope | Description |
|---|
contacts:read | Read contacts and tags |
contacts:write | Create, update, and manage contacts and tags |
contacts:delete | Delete contacts |
Team
| Scope | Description |
|---|
team:read | Read team information |
team:write | Update team settings |
Webhooks
| Scope | Description |
|---|
webhooks:read | Read webhook configurations |
webhooks:write | Create and manage webhook subscriptions |
Analytics
| Scope | Description |
|---|
analytics:read | Read form analytics and insights |
Requesting Scopes
Include the scopes you need in the authorization URL as a space-separated list:
scope=forms:read submissions:read webhooks:read webhooks:write
Common Scope Combinations
Read-only Dashboard
View forms and submissions without making changes
forms:read submissions:read
Create and manage form configurations
forms:read forms:write
Full Integration
Complete access for building comprehensive integrations
forms:read forms:write submissions:read webhooks:read webhooks:write
Next Steps
