Permission scopes

The Miro REST API and the Miro Web SDK implement user access control through scopes. Scopes define the permissions your app requires to work as designed and to interact with a board. You can select the scopes that your app requires when you create an app or update the scopes for your app at a later point in time via the App settings page. When users install your app, the selected scopes are displayed to request user consent.

Miro scopes contain a resource type and a read or write permission. For example, a scope of boards:read allows read-only access to boards, board members, items, or tags. A scope of boards:write allows to create, update, or delete boards, board members, items, or tags. If you want to retrieve information as well as create, update, or delete boards, board members, items, or tags, you need both the boards:read and boards:write scopes.

List of scopes

The following table lists various scopes and their availability per platform capability.

Scope	Description	Web SDK	REST API	Enterprise Plan Only
`boards:export`	Export boards within your organization as PDF with comments and talktrack			✅
`boards:read`	Retrieve information about boards, board members, or items	✅	✅
`boards:write`	Create, update, or delete boards, board members, or items	✅	✅
`microphone:listen`	Access a user's microphone to record audio in an iFrame	✅
`screen:record`	Access a user's screen to record it in an iFrame	✅
`webcam:record`	Allows an iFrame to access a user's camera to record video	✅
`projects:read`	Read project information, such as the list of projects, project settings, and project members.			✅
`projects:write`	Create or delete projects, update project information, project settings, and project members.			✅
`organizations:read`	Read information about the organization, such as name, plan, number of licenses, organization settings, or organization members.			✅
`organizations:teams:read`	Read team information, such as the list of teams, team settings, team members, for an organization.			✅
`organizations:teams:write`	Create or delete teams, update team information, team settings, team members, for an organization.			✅

Scope usage

boards:read

The following table lists the methods that use the boards:read scope.

Boards Get specific board Get boards	Board members Get all board members Get specific board member	Items Get items on board Get specific item on board
App card items Get app card item	Card items Get card item	Document items Get document item
Embed items Get embed item	Frame items Get frame item Get items within frame	Image items Get image item
Shape items Get shape item	Sticky note items Get sticky note item	Text items Get text item
Tags Get tag Get tags from item Get tags from board Get items by tag	Data classification (Enterprise plan only) Get board classification

boards:write

The following table lists the methods that use the boards:write scope.

Boards Create board Copy board Update board Delete board Share board	Board members Update board member Remove board member	Items Update item position or parent Delete item
App card items Create app card item Update app card item Delete app card item	Card items Create card item Update card item Delete card item	Document items Create document item using URL Create document item using file from device Update document item using URL Update document item using file from device Delete document item
Embed items Create embed item Update embed item Delete embed item	Frame items Create frame item Update frame item Delete frame item	Image items Create image item using URL Create image item using file from device Update image item using URL Update image item using file from device Delete image item
Shape items Create shape item Update shape item Delete shape item	Sticky note items Create sticky note item Update sticky note item Delete sticky note item	Text items Create text item Update text item Delete text item
Tags Create tag Attach tag to item Update tag Remove tag from item Delete tag	Data classification (Enterprise plan only) Bulk update boards classification Update board classification

microphone:listen

The following table lists the methods that use the microphone:listen scope.

Open a modal Open a panel

screen:record

The following table lists the methods that use the screen:record scope.

Open a modal Open a panel

webcam:record

The following table lists the methods that use the webcam:record scope.

Open a modal Open a panel

projects:read (Enterprise plan only)

The following table lists the methods that use the projects:read scope.

Teams
List projects
Get project

Project members
List project members
Get project member

Project settings
Get project settings

projects:write (Enterprise plan only)

The following table lists the methods that use the projects:write scope.

Projects
Create project
Delete project

Project members
Add member in project
Remove project member from project
Update project member

Project settings
Update project settings

organizations:read (Enterprise plan only)

The following table lists the methods that use the organizations:read scope.

Organizations
Get organization member
Get organization members by cursor
Get organization info

Data classification
Get organization settings

organizations:teams:read (Enterprise plan only)

The following table lists the methods that use the organizations:teams:read scope.

Teams List teams Get team	Team members List team members Get team member	Team settings Get team settings Get default team settings
Data classification Get team settings

organizations:teams:write (Enterprise plan only)

The following table lists the methods that use the organizations:teams:write scope.

Teams Create team Delete team Update team	Team members Invite team members Delete team member from team Update team member	Team settings Update team settings
Data classification Update team settings