Version: 2.x

Kazi OAuth scopes

As explained in the security introduction section, the subscription key together with an access token protects the api from unauthorized access.

On top of these two access levels, the API has also a more detailed authorization mechanism based on the access tokens in the JWT (JSON web token).The JWT is also known as the access token.

To have access to a kazi API method, the JWT should contain one or more scopes depending on the resource you want to access. Please find below this page a list of possible scopes.

After registering your application (see getting started) a kazi administrator will create your application client ID and secret and gives your application permission to one ore more sopes depending on the goal of your application. If you don't have scopes assigned to your application, you will get a 401 application error. Please contact a kazi administrator via the contact info in the footer below.

Depending on the resources you are accessing, you need to have permissions to one of the following scopes:

  • read:answers
  • read:clusters
  • read:domains
  • read:expectations
  • read:jobscans
  • read:questions
  • read:scores
  • read:talentscans
  • write:answers
  • write:expectations
  • write:jobscans
  • write:talentscans