Scopes
A scope defines which permissions your application will obtain.
The principle of least privilege should be respected here. Only ask for or grant the permissions that are explicitly required.
You define the scopes required for your integration when creating your API Token within Nuki Web, or as part of the OAuth 2 Authorization Code.
| Scope | Description |
|---|---|
| account | View and manage your account |
| notification | View and manage your notifications |
| smartlock | View and manage your devices |
| smartlock.action | Operate your devices |
| smartlock.auth | View and manage your device authorizations |
| smartlock.config | Manage your device config |
| smartlock.log | View your activity logs and get log notifications |
| smartlock.readonly | View your devices |
| webhook.central | Receive notifications via webhooks for all state and information changes on your devices |
| webhook.decentral | Receive and forward notifications via webhooks for all state and information changes on your devices |
It is possible to combine multiple scopes in your authorization
Common scopes
Section titled “Common scopes”Allow the application to lock and unlock my smartlock: smartlock.action
Allow the application to create access for others, and allow them to lock and unlock my smartlock: smartlock.action smartlock.auth