Scopes

Whether your authentication flow is implemented with a regular auth link or with Direct Bank Authentication, a set of space separated scopes need to be included in the scope parameter. Those represent the permissions that the client can request on behalf of the end user. Therefore they will limit the endpoints you are authorised to access in the Data API.

Scope	Description	API Endpoint
`info`	Allows access to End user’s identity information held by the Provider	`/data/v1/info`
`accounts`	Allows access to End user’s account numbers and details	`/data/v1/accounts`, `/data/v1/accounts/${account_id}`
`accounts + balance`	Allows access to End user’s account balances	`/data/v1/accounts/${account_id}/balance`
`accounts + transactions`	Allows access to End user’s account transactions	`/data/v1/accounts/${account_id}/transactions`
`accounts + transactions + balance`	Allows access to End user’s account transactions along with running balance	`/data/v1/accounts/${account_id}/transactions`
`cards`	Allows access to End user’s card numbers and details	`/data/v1/cards`, `/data/v1/cards/${account_id}`
`cards + balance`	Allows access to End user’s card balances	`/data/v1/cards/${account_id}/balance`
`cards + transactions`	Allows access to End user’s card transactions	`/data/v1/cards/${account_id}/transactions`
`cards + transactions + balance`	Allows access to End user’s card transactions along with running balance	`/data/v1/cards/${account_id}/transactions`
`offline_access`	Allows access to End user’s data after the short-lived `access_token` expires. When this permission is granted a `refresh_token` will be returned	`refresh_token`
`direct_debits`	Allows access to End user’s direct debits (Open Banking providers only)	`/data/v1/accounts/${account_id}/direct_debits`
`standing_orders`	Allows access to End user’s standing orders (Open Banking providers only)	`/data/v1/accounts/${account_id}/standing_orders`