Permission scopes

The Miro REST API and the Miro Web SDK implement user access control through scopes. Scopes define the permissions your app requires to work as designed and to interact with a board. You can select the scopes that your app requires when you create an app or update the scopes for your app at a later point in time via the App settings page. When users install your app, the selected scopes are displayed to request user consent.

Miro scopes contain a resource type and a read or write permission. For example, a scope of boards:read allows read-only access to boards, board members, items, or tags. A scope of boards:write allows to create, update, or delete boards, board members, items, or tags. If you want to retrieve information as well as create, update, or delete boards, board members, items, or tags, you need both the boards:read and boards:write scopes.

List of scopes

The following table lists various scopes and their availability per platform capability.

ScopeDescriptionWeb SDKREST APIEnterprise Plan Only
boards:exportExport boards within your organization as PDF with comments and talktrack
boards:readRetrieve information about boards, board members, or items
boards:writeCreate, update, or delete boards, board members, or items
microphone:listen
Access a user's microphone to record audio in an iFrame
screen:record
Access a user's screen to record it in an iFrame
webcam:record
Allows an iFrame to access a user's camera to record video
projects:read
Read project information, such as the list of projects, project settings, and project members.
projects:write
Create or delete projects, update project information, project settings, and project members.
organizations:read
Read information about the organization, such as name, plan, number of licenses, organization settings, or organization members.
organizations:teams:read
Read team information, such as the list of teams, team settings, team members, for an organization.
organizations:teams:write
Create or delete teams, update team information, team settings, team members, for an organization.

Scope usage

boards:read

The following table lists the methods that use the boards:read scope.


boards:write

The following table lists the methods that use the boards:write scope.


microphone:listen

The following table lists the methods that use the microphone:listen scope.

Open a modal                   Open a panel

screen:record

The following table lists the methods that use the screen:record scope.

Open a modal                   Open a panel

webcam:record

The following table lists the methods that use the webcam:record scope.

Open a modal                   Open a panel

projects:read (Enterprise plan only)

The following table lists the methods that use the projects:read scope.

Teams
List projects           
Get project
Project members
List project members               
Get project member
Project settings
Get project settings

projects:write (Enterprise plan only)

The following table lists the methods that use the projects:write scope.

Projects                 
Create project
Delete project
Project members
Add member in project
Remove project member from project
Update project member


Project settings
Update project settings           

organizations:read (Enterprise plan only)

The following table lists the methods that use the organizations:read scope.


organizations:teams:read (Enterprise plan only)

The following table lists the methods that use the organizations:teams:read scope.

Teams
List teams           
Get team
Team members
List team members               
Get team member
Team settings
Get team settings
Get default team settings
Data classification
Get team settings

organizations:teams:write (Enterprise plan only)

The following table lists the methods that use the organizations:teams:write scope.

Teams                 
Create team
Delete team
Update team

Team members
Invite team members
Delete team member from team
Update team member


Team settings
Update team settings           
Data classification
Update team settings