Permissions & Scopes
If you're building on top of Attlaz's API (i.e using Auth Tokens), you'll need certain scopes to access different API endpoints.
To set the scopes for an integration token, select the scopes from the dropdown. These can be edited later.
To set the scopes for an auth token, check the necessary boxes when creating an auth token.
[//] # ()
If you're looking for information on membership roles please visit the membership documentation.
Organizations
| GET | org:read |
| PUT/POST | org:write |
| DELETE | org:admin |
Projects
| GET | project:read |
| PUT/POST | project:write |
| DELETE | project:admin |
The project:releases scope will give you access to both project
and organization release endpoints. The available endpoints are listed in the
Releases section of the API Documentation.
Teams
| GET | team:read |
| PUT/POST | team:write |
| DELETE | team:admin |
Members
| GET | member:read |
| PUT/POST | member:write |
| DELETE | member:admin |
Issues & Events
| GET | event:read |
| PUT | event:write |
| DELETE | event:admin |
PUT/DELETE methods only apply to updating/deleting issues. Events in Attlaz are immutable and can only be deleted by deleting the whole issue.
Releases
| GET/PUT/POST/DELETE | project:releases |
Be aware that if you're using attlaz-cli to manage your releases, you'll need a token
which also has org:read scope.