Overview of Miro's user access control through scopes, defining app permissions for interacting with boards and resources via REST API and Web SDK.
The Miro REST API and the Miro Web SDK implement user access control through scopes. Scopes define the permissions your app requires to work as designed and to interact with a board. You can select the scopes that your app requires when you create an app or update the scopes for your app at a later point in time via the App settings page. When users install your app, the selected scopes are displayed to request user consent.
Miro scopes contain a resource type and a read or write permission. For example, a scope of boards:read allows read-only access to boards, board members, items, or tags. A scope of boards:write allows to create, update, or delete boards, board members, items, or tags. If you want to retrieve information as well as create, update, or delete boards, board members, items, or tags, you need both the boards:read and boards:write scopes.
List of scopes
The following table lists various scopes and their availability per platform capability.
| Scope | Description | Web SDK | REST API | Enterprise Plan Only |
|---|---|---|---|---|
boards:export | Export boards within your organization as PDF with comments and talktrack | ✅ | ||
boards:read | Retrieve information about boards, board members, or items | ✅ | ✅ | |
boards:write | Create, update, or delete boards, board members, or items | ✅ | ✅ | |
microphone:listen | Access a user's microphone to record audio in an iFrame | ✅ | ||
identity:read | Read profile information for the current user, including email | ✅ | ||
screen:record | Access a user's screen to record it in an iFrame | ✅ | ||
webcam:record | Allows an iFrame to access a user's camera to record video | ✅ | ||
projects:read | Read project information, such as the list of projects, project settings, and project members. | ✅ | ||
projects:write | Create or delete projects, update project information, project settings, and project members. | ✅ | ||
organizations:read | Read information about the organization, such as name, plan, number of licenses, organization settings, or organization members. | ✅ | ||
organizations:teams:read | Read team information, such as the list of teams, team settings, team members, for an organization. | ✅ | ||
organizations:teams:write | Create or delete teams, update team information, team settings, team members, for an organization. | ✅ | ||
sessions:delete | Reset all sessions for a user, which ends all active Miro sessions across devices for a particular user, requiring the user to sign in again. | ✅ |