Kazi OAuth scopes

As explained in the security introduction section, the subscription key together with an access token protects the api from unauthorized access.

On top of these two access levels, the API has also a more detailed authorization mechanism based on the access tokens in the JWT (JSON web token).The JWT is also known as the access token.

To have access to a kazi API method, the JWT should contain one or more scopes depending on the resource you want to access. Please find below this page a list of possible scopes.

After registering your application (see getting started) a kazi administrator will create your application client ID and secret and gives your application permission to one ore more sopes depending on the goal of your application. If you don't have scopes assigned to your application, you will get a 401 application error. Please contact a kazi administrator via the contact info in the footer below.

An access token requested via the client credentials grant type flow will contain automatically all scopes you have access to. If the token is requested via authorization code grant type flow, you need to ask for the scopes yourself. Only requested scopes you have access to will be returned in the JWT.

Depending on the resources you are accessing, you need to have permissions to one of the following scopes:

• read:answers
• read:clusters
• read:domains
• read:expectations
• read:jobscans
• read:questions
• read:scores
• read:talentscans
• write:answers
• write:expectations
• write:jobscans
• write:talentscans