Scopes are passed when requesting access token - they define what information can be requested from the API or what actions performed.
Most of the scopes can be suffixed with
_offline (for example,
balance_offline instead of
If such scope is confirmed by the user, client can get information about the user with default authentication
credentials - use of access token is not needed.
This allows to get user's ID and other identifiers with access token and then anywhere in the future request information using default credentials and these identifiers. In other words, scope gets permanently available even when not using access token.
Offline scopes are available only when using authorization code grant.
Offline scopes can be revoked by the user in Paysera system, so even if such scope is granted, client should
always expect to get
forbidden error when accessing user's information in the future.
Some of the scopes can be suffixed with
_optional, for example
In most cases you want optional scope also to be offline scope, although simple scope may also be optional.
If scope is both offline and optional,
_offline suffix must be followed by
Optional scopes allow to access user information without forcing her to immediately take action to confirm or reject
corresponding permissions. Information can be accessed only after the user takes specific actions in Paysera system
to meet conditions required by specific scope. Until then the error
not_found is received. Or in case
user resource, corresponding parameters are missing.
Extended scopes give permissions to make higher risk actions for the client
and thus requires special authorization from the user.
These scopes cannot be provided when requesting access token, but can be attached to access token when requesting
token refresh, providing
code value is code from SMS message, sent
to the user.
Scope list with their description and attributes are provided below.
|Get user's confirmed email address.||offline available optional available|
||Get user's confirmed phone number. User must add and validate phone number to accept request with this scope.||offline available optional available|
||Get user's address. User must input address if it was not yet provided to accept request with this scope.||offline available optional available|
||Get user's date of birth. If user is identified, this is confirmed information, otherwise user freely inputs it in the provided form.||offline available optional available|
||Get user's gender. If user is identified, this is confirmed information, otherwise user freely inputs it in the provided form.||offline available optional available|
||Get user's confirmed name and surname. User must perform authentication using one of available methods to identify herself to accept request with this scope.||offline available optional available|
||Get user's identification level. User must perform authentication using one of available methods to identify herself to accept request with this scope.||offline available optional available|
||Get user's confirmed name, surname, nationality and identification code. User must perform authentication using one of available methods to identify herself to accept request with this scope.||offline available optional available|
||Provide user's current position.||offline available|
||Provide, change and delete user's avatar.||offline available|
||Change and delete account descriptions.||offline available|
||Get balance of user's wallet.||offline available|
||Get response if a user has sufficient money in balance in a specific account.|
||Get account statements related to user's wallet.||offline available|
||Get list of user's enabled services or enable service for user.||offline available|
||Get most common beneficiaries for user's internal Paysera system payments.||offline available|
||Send transaction confirmation FLASH SMS. User must add and validate phone number to accept request with this scope.||offline available|
||Get list of all available wallets for user.||offline available|
||Access incoming pending payments for user's wallet and to provide passwords for them.||offline available|
||Access outgoing pending payments together with their passwords in plain text.||offline available|
||Access user's administered projects and their locations, make payments and other project-related actions for any of user's managed projects.||offline available|
||Access initiated transaction requests and send new transaction requests in the name of current user.||offline available|
||Access received transaction requests for current user.||offline available|
||Manage user's cards (create, edit, delete cards, link cards with accounts, also create and process deposit).||offline available|
||Get information about user identification such as personal code, provided documents||offline available|
||Get basic user information, such as selected locale.|
||Initiate transfers in user's behalf.|
||Make currency conversions in user's behalf.||extended scope|