Automation Cloud Public Sector
Banner background image
Automation Cloud for Public Sector API Guide
Last updated 2024年3月27日

About scopes and permissions

Scopes and permissions manage the granularity of access to APIs. Scopes define high-level categories of actions that a user or application can perform, permissions provide fine-grained control over specific operations on resources.

Scopes and permissions pertain to OAuth or personal access tokens which provide a granular approach to access control, ensuring a secure and tailored experience.


Scopes define your application level of access to the UiPath resources.

For example, to generate an authentication token for your application, you pass in several scopes. When your application makes an API call to access a resource, the token is validated against the resource scopes. If the resource is included in the scopes you passed in at token request, the call is successful, and it further checks for user permissions per endpoint (Read permissions for GET requests, and Write permissions for POST, PUT, or DELETE requests). Otherwise, the server rejects the call.


Permissions grant users the access to a specific functionality inside a resource. After your application successfully accesses the resource, the server checks if the authenticated user has the right permission for the corresponding method of the endpoint.

For example, you may restrict some users from deleting or updating user groups, but they can still view them.

Commonly, GET methods require Read permissions, while POST, PUT, and DELETE methods require Write permissions.

  • Scopes
  • Permissions

Was this page helpful?

Get The Help You Need
Learning RPA - Automation Courses
UiPath Community Forum
Uipath Logo White
Trust and Security
© 2005-2024 UiPath. All rights reserved.