Bokio uses scopes to control access to different resources and operations in the API. Scopes provide fine-grained permission control, allowing integrations to request only the specific access they need to function properly.
How Scopes Work
Scopes follow a consistent naming pattern: {resource}:{action}. For example:
journal-entries:read- Read access to journal entriesjournal-entries:write- Write access to journal entriesinvoices:read- Read access to invoices
When multiple scopes are required, they are combined in a space-delimited string format:
journal-entries:read journal-entries:write invoices:readBest Practices
- Principle of Least Privilege: Only request the scopes that are absolutely necessary for your integration to function
- Separate Read/Write Access: Consider whether your integration truly needs write access or if read-only/write-only access is sufficient
- Regular Review: Periodically review your integration's scope requirements as functionality evolves
Available Scopes
| Resource | Read Scope | Write Scope | Description |
|---|---|---|---|
| Journal Entries | journal-entries:read | journal-entries:write | Access to accounting journal entries |
| Uploads | uploads:read | uploads:write | Access to uploaded documents and files |
| Invoices | invoices:read | invoices:write | Access to invoice data |
| Customers | customers:read | customers:write | Access to customer information |
| Items | items:read | items:write | Access to invoice line items and products |
| SIE Files | sie:read | Read-only access to SIE export files | |
| Fiscal Years | fiscal-years:read | Read-only access to fiscal year information |
Support and CommunityIf you have any questions, issues, or feedback regarding the Bokio API, please reach out to [email protected] or join the Developer community. We appreciate any feedback you might have.