Ordoo applications carry permissions that describe the access level for user-level authentication. App permissions are configured per application.
The following scopes can be set on an applied:
Scope Name | Description |
| Allows access to see the details of orders placed at an authenticated users stores. Also allows subscriptions to be setup for the following events:
|
| Allows you to progress orders placed at an authenticated users stores. |
| Allows access to read collections, products, traits and trait options. Also allows subscriptions to be setup for the following events:
|
| Allows access to create update or destroy collections, products, traits or trait options. |
| Allows you to see information about authenticated users stores. |
| Allows you to modify information on authenticated users stores such as set tables. |
If a permission level is changed, any user tokens already issued to that Ordoo app must be discarded and users must re-authorise the application in order for the token to inherit the updated permissions.
A good practice is to request only the minimum level of access to a customers data that the application requires.