Bokio uses scopes to control access to different resources and operations in the API. Scopes provide fine-grained permission control, allowing integrations to request only the specific access they need to function properly.

How Scopes Work

Scopes follow a consistent naming pattern: {resource}:{action}. For example:

journal-entries:read - Read access to journal entries
journal-entries:write - Write access to journal entries
invoices:read - Read access to invoices

When multiple scopes are required, they are combined in a space-delimited string format:

journal-entries:read journal-entries:write invoices:read

Best Practices

Principle of Least Privilege: Only request the scopes that are absolutely necessary for your integration to function
Separate Read/Write Access: Consider whether your integration truly needs write access or if read-only/write-only access is sufficient
Regular Review: Periodically review your integration's scope requirements as functionality evolves

Available Scopes

Resource	Read Scope	Write Scope	Description
Journal Entries	`journal-entries:read`	`journal-entries:write`	Access to accounting journal entries
Uploads	`uploads:read`	`uploads:write`	Access to uploaded documents and files
Invoices	`invoices:read`	`invoices:write`	Access to invoices
Credit notes	`credit-notes:read`	`credit-notes:write`	Access to credit notes
Customers	`customers:read`	`customers:write`	Access to customer information
Items	`items:read`	`items:write`	Access to invoice line items and products
SIE Files	`sie:read`		Read-only access to SIE export files
Fiscal Years	`fiscal-years:read`		Read-only access to fiscal year information
Company Information	`company-information:read`		Read-only access to company information
Chart of accounts	`chart-of-accounts:read`		Read-only access to chart of accounts

Elevated scopes

Scopes in the Bokio API can require elevated permissions. These scopes can only be used after approval by Bokio's API team. The requirements to be approved for elevated scopes includes:

Only available for public integrations
Partnership contract
Applicable security review

Note that additional requirements might apply

Resource	Read Scope	Write Scope	Description
Bank payments	`bank-payments:read-limited`	`bank-payments:write`	Access to bank payments created in Bokio, not bank transactions

📘
Support and Community
If you have any questions, issues, or feedback regarding the Bokio API, please reach out to support@bokio.se or join the Developer community. We appreciate any feedback you might have.