Scopes and permissions

Every API request passes two checks: the token must include the right scope, and the user who created the token must have the matching workspace page permission.

Available scopes

tasks:read / tasks:write
kpis:read / kpis:write
okrs:read / okrs:write
wiki:read / wiki:write
bd_logs:read / bd_logs:write
chat:read / chat:write

Read scopes allow GET requests; write scopes allow POST and PATCH. Choose only what your integration needs.

Dual authorization

Token scope, e.g. bd_logs:write must be enabled on the PAT.
User permission, the token owner must have create/read on the matching workspace page (e.g. BD Log page for bd_logs).

A 403 Forbidden may mean missing scope or missing workspace role/permission. Check both when debugging.

Scope to page mapping

tasks → Tasks page
kpis → KPIs page
okrs → OKRs page
wiki → Wiki page
bd_logs → BD Log page
chat → Chat (conversation membership also required)

Scopes and permissions

Available scopes

Dual authorization

Scope to page mapping

Mehr dazu in {Ordner}