Permissions required for common API requests
Last Update: Nov 2024
To check plan availability, see the pricing page.
To help put the principle of least privilege into practice, this article lists the narrowly defined permissions needed to make some of the most common API requests. When multiple permissions are listed for a request, any one of them alone grants access. Use discretion about which permission makes the most sense to grant for your use case (i.e. user vs. admin).
Customers
- GET: org.user.customer.read
- PATCH: org.user.customer.write
- PUT: org.user.customer.write
- POST: org.user.customer.write
- DELETE: org.admin.customer.delete
Conversations
- GET: org.user.conversation.read
- PATCH: org.user.conversation.write
- PUT: org.user.conversation.write
- POST: org.user.conversation.write
- DELETE: org.admin.conversation.delete
Messages
- GET: org.user.message.read
- PATCH: org.user.message.write
- PUT: org.user.message.write
- POST: org.user.message.write
Klasses
- GET (/klasses): org.user.klass.read, org.admin.klass.read
- GET (/klasses/{id}): org.user.kobject.read
- PUT: org.user.kobject.write
- POST: org.user.kobject.write
- DELETE: org.admin.kobject.delete
Shortcuts
- GET (/shortcuts): org.user.klass.read, org.admin.klass.read
- GET (/shortcuts/{id}): org.user.klass.read, org.admin.klass.read
- PUT: org.admin.content.shortcut.write, org.admin.shortcut.write
- POST: org.admin.content.shortcut.write, org.admin.shortcut.write
- DELETE: org.admin.content.shortcut.write, org.admin.shortcut.write
Searches
This endpoint is for searching via the API.
- POST: org.user.search.read, org.admin.search.read
Users
- GET (/users/current): org.admin.user.read
- POST (/users/passwordreset): org.admin.user.write
Teams
- GET: org.user.team.read, org.admin.team.read
- POST: org.admin.team.write
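
The following is an added example, not code from the API vendor: it derives the smallest permission set for a list of requests and audits an existing key against it, using a subset of the table above. The resource labels used as dictionary keys, the function names, and the policy of preferring `org.user.*` over `org.admin.*` when both are listed are assumptions of this example.

```python
# Subset of the permission table on this page. Each value lists alternatives:
# any ONE of them is enough for that request. The resource labels are this
# example's own keys (assumption), not API paths.
REQUIRED = {
    ("customers", "GET"): ("org.user.customer.read",),
    ("customers", "POST"): ("org.user.customer.write",),
    ("customers", "DELETE"): ("org.admin.customer.delete",),
    ("conversations", "GET"): ("org.user.conversation.read",),
    ("messages", "POST"): ("org.user.message.write",),
    ("searches", "POST"): ("org.user.search.read", "org.admin.search.read"),
    ("teams", "GET"): ("org.user.team.read", "org.admin.team.read"),
    ("teams", "POST"): ("org.admin.team.write",),
}


def minimal_grant(requests):
    """Smallest permission set covering `requests`, preferring org.user.*."""
    chosen = set()
    # Pass 1: a request with a single listed permission leaves no choice.
    for req in requests:
        if len(REQUIRED[req]) == 1:
            chosen.add(REQUIRED[req][0])
    # Pass 2: reuse what is already chosen, else take the user-scoped option.
    for req in requests:
        options = REQUIRED[req]
        if not chosen.intersection(options):
            user = [p for p in options if p.startswith("org.user.")]
            chosen.add(user[0] if user else options[0])
    return chosen


def audit(granted, requests):
    """Compare a key's granted permissions with what `requests` need."""
    granted = set(granted)
    # Requests for which none of the listed alternatives is granted.
    blocked = [r for r in requests if not granted.intersection(REQUIRED[r])]
    useful = {p for r in requests for p in REQUIRED[r]}
    unused = granted - useful  # grants that serve none of the requests
    # Admin grants where every request they serve also lists a user-scoped option.
    downgradable = {
        p for p in granted & useful
        if p.startswith("org.admin.")
        and all(any(o.startswith("org.user.") for o in REQUIRED[r])
                for r in requests if p in REQUIRED[r])
    }
    return {"blocked": blocked, "unused": unused, "downgradable": downgradable}
```
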