Scopes

Scopes specify the exact level of access needed, ensuring OAuth tokens are restricted to only the required resources. They do not grant any permissions beyond what the user already has.

Each scope represents a set of resources within our API. The list of resources accessible by the generated OAuth token is strictly limited to the scopes configured in the OAuth application.

How do scopes work

When you create a new OAuth application you will be able to select the scopes you want your app to have access to.

These scopes will be sent through the URL when requesting the authorization code:

https://api.factorialhr.com/oauth/authorize?client_id=<YOUR_CLIENT_ID>&redirect_uri=<YOUR_REDIRECT_URI>&response_type=code

Then the client will review the scopes sent though the URL and authorize/deny the app access to these.

Once the user authorizes the app to access the requested scopes, you can continue to request the access token. The access token generated will be restricted to the authorized scopes.

Update OAuth applications scopes (Coming Soon!)

You will be able to update scopes from an existing OAuth application.

NOTE: If you change the scopes in an already existing OAuth app, the already-generated tokens will become outdated so the client will need to re-authorize the app to be able to re-generate the OAuth tokens with the updated scopes list. Once a new token is generated with the new scopes, previous tokens related to that company will be revoked.

Scopes list

Currently, our scopes allow both read and write actions within the resources.

Scope	Endpoints
banking	`Banking > BankAccount` `Banking > BankAccountNumber > Upserts` `Banking > Transaction`
company_legal_entities	`Companies > Legal Entities`
company_holidays	`Holidays > CompanyHoliday`
company_locations	`Locations > Location` `Locations > WorkArea`
contracts	`Contracts > Compensation` `Contracts > ContractTemplate` `Contracts > ContractVersion` `Contracts > FrenchContractType` `Contracts > GermanContractType` `Contracts > PortugueseContractType` `Contracts > ReferenceContract` `Contracts > SpanishContractType` `Contracts > SpanishEducationLevel` `Contracts > SpanishProfessionalCategory` `Contracts > Taxonomy`
custom_fields	`CustomFields > Field` `CustomFields > Option` `CustomFields > ResourceField` `CustomFields > Value` `CustomResources > Schema` `CustomResources > Value`
documents	`Documents > Document` `Documents > DownloadUrl`
employees	`Employees > Employee` `Teams > Membership` `Teams > Team`
employee_updates	`BookkeepersManagement > Incidence` `EmployeeUpdates > Absence` `EmployeeUpdates > ContractChange` `EmployeeUpdates > NewHire` `EmployeeUpdates > PersonalChange` `EmployeeUpdates > Summary` `EmployeeUpdates > Termination`
expenses	`Expenses > Expensable` `Expenses > Expense` `Expenses > Milage` `Expenses > PerDiem`
finance	`Finance > Account` `Finance > AccountSetting` `Finance > Contact` `Finance > CostCenter` `Finance > CostCenterMembership` `Finance > FinancialDocument` `Finance > JournalEntry` `Finance > JournalLine` `Finance > TaxRate` `Finance > TaxType`
integrations	`PayrollIntegrationsBase > Code`
job_catalog	`JobCatalog > Level` `JobCatalog > Role`
marketplace	`Marketplace > InstallationSettings`
payroll	`Payroll > FamilySituations` `Payroll > PolicyPeriod` `PayrollEmployees > Identifier`
payroll_supplements	`Payroll > Supplement`
performance	`Performance > Agreement` `Performance > CompanyEmployeeScoreScale` `Performance > EmployeeScoreScale` `Performance > ReviewEmployeeScore` `Performance > ReviewEvaluation` `Performance > ReviewEvaluationAnswer` `Performance > ReviewOwner` `Performance > ReviewProcess` `Performance > ReviewEstimatedTarget` `Performance > ReviewProcessTarget` `Performance > ReviewQuestionnarieByStrategy` `Performance > ReviewVisibilitySetting` `Performance > TargetManager`
posts	`Posts > Comment` `Posts > Group` `Posts > Post`
project_management_expenses	`ProjectManagement > ExpenseRecord` `ProjectManagement > ExportableExpense` `ProjectManagement > ExportableProject`
project_management_projects	`ProjectManagement > Project` `ProjectManagement > ProjectTask` `ProjectManagement > ProjectWorker` `ProjectManagement > Subproject`
project_management_time	`ProjectManagement > FlexibleTimeRecord` `ProjectManagement > FlexibleTimeRecordComment` `ProjectManagement > TimeRecord`
shift_management	`ShiftManagement > Shift`
tasks	`Tasks > Task` `Tasks > TaskFile`
time_off	`Timeoff > Allowance` `Timeoff > AllowanceIncidence` `Timeoff > AllowanceStat` `Timeoff > BlockedPeriod` `Timeoff > Leave` `Timeoff > LeaveType` `Timeoff > Policy` `Timeoff > PolicyAssignment` `Timeoff > PolicyTimeline`
time_tracking	`Attendance > BreakConfiguration` `Attendance > EditTimesheetRequest` `Attendance > EstimatedTime` `Attendance > OpenShift` `Attendance > OvertimeRequest` `Attendance > Shift` `Attendance > WorkedTime` `TimePlanning > PlanningVersion` `TimeSettings > BreakConfiguration` `WorkSchedule > DayConfiguration` `WorkSchedule > OverlapPeriod` `WorkSchedule > Schedule`
trainings	`Trainings > Category` `Trainings > Session` `Trainings > SessionAccessMembership` `Trainings > SessionAttendance` `Trainings > Training` `Trainings > TrainingMembership`
recruitment	`Ats > Answer` `Ats > Application` `Ats > ApplicationPhase` `Ats > Candidate` `Ats > CandidateSource` `Ats > EvaluationForm` `Ats > Feedback` `Ats > HiringStage` `Ats > JobPosting` `Ats > Message` `Ats > Question` `Ats > RejectionReason`