Permissions
Permissions define what resources apps can access on projects / organizations where they are installed.
Last updated
Permissions define what resources apps can access on projects / organizations where they are installed.
Last updated
The permissions for an app are configurable under the "Permissions" tab on an app's dashboard.
Note: we will be adding permissions gradually.
organization_info
- "Read"
organization_members
- "Read"
organization_warehouse
- "Read" / "Write"
organization_inventory
- "Read" / "Write" / "Request"
organization_projects
- "Read"
Read
The organization_info
permission gives the holder access to organization specific data. It is a required permission for installations. It also allows the holder to read all retirements that the organization holds. Only "Read" is supported currently.
Read
The organization_members
permission gives the holder access to metadata on all stakeholders of an organization. Most importantly the name and email. In future versions this will also include the kyc status of the stakeholder. Only "Read" is supported currently.
Read
Write
The organization_warehouse permission gives the holder access to an organization's warehouse. The "Read" portion gives the holder access to the inventory of the warehouse and reservations made in the warehouse. The "Write" portion allows the holder to reserve credits from the warehouse and then also finish that reservation which moves the credit from the warehouse to some receiver, either as a retirement or the credits themselves.
Read
Request
Write
The organization_inventory permission gives the holder access to an organization's inventory of carbon credits. The "Read" portion allows the holder to read all credits from the inventory of the organization and all requests made to that inventory. The "Request" portion allows the holder to request certain actions to be made. For example the holder of a "organization_inventory:request" permission can request the transfer of credits from the inventory to some other address / organization. The "Write" portion allows the holder to make specific credit actions on credits in the organization's inventory like transfer
, retire
and transfer_retire
.For example the holder of a "organization_inventory:request" permission can request the transfer of credits from the inventory to some other address / organization.
Read
Currently is not supported but will be.
examiner - "Read"
Read
The examiner permission gives the holder access to some superadmin / protected endpoints.