
Access Scopes

When an API client is created, it is assigned a set of access scopes. These scopes define the level of access that the OAuth client has to the data in a user's account. This ensures that the OAuth client only has access to the data and operations that are necessary for the integration, and that sensitive data is not exposed unnecessarily.

Client Scopes

When you create an API client in the Developer Portal, you can select the access scopes that you want to request for your integration. The scopes permitted will depend on the type of integration you are building and the data you need to access.

List of Scopes

Each scope corresponds to a specific set of API endpoints and operations that the client can perform.

See the table below for the full list of access scopes.

| Scope | Description |
| --- | --- |
| orders-api | Read business information, floors, menus, discounts, and production instructions. Read and write orders and payments. Read Rich Item data. |
| financial-api | Read financial data. |
| items | Read and write items. |
| propertymanagement | Read and write Property Management System configurations. |
| staff-api | Read staff and shift details. Configure webhooks. |
| reservation-*** | Platform reservations scope. The *** will be replaced by the platform-code of your reservation platform. |
| reservations-api | Configure legacy reservation integrations. |

Note: This API will eventually be deprecated in favour of the new Reservations for Platforms API. More information on the new reservations workflows can be found in the Integration Guide.

Requesting Access Scopes

To request access to a specific scope during the authorization flow, you must include the scope(s) in the scope parameter of the authorization request URL.

URL Example:

https://api.lsk.lightspeed.app/oauth/authorize?response_type=code&client_id=***&redirect_uri=***&scope=financial-api%20orders-api

When the user clicks on the authorization URL, they will be redirected to the Lightspeed login page. After logging in, they will be prompted to approve each requested scope individually. If no scope is specified in the authorization request, the user will be prompted to approve all scopes available for the API client.

Example: [Image: Scopes]

Note: When requesting a token using your K-Series OAuth client, you will only be able to request the access scopes that have been granted to your API client.

If you need additional scopes for your API Client, you can make a request in the Developer Portal.
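
The following is an added example, not code from Lightspeed or from the original page. It builds the authorization URL with an explicit, least-privilege scope list and refuses to build one without a scope parameter, since that would prompt the user to approve every scope available to the client. The function names, the sample client values and the allowed characters in a platform code are assumptions.

```python
import re
from urllib.parse import urlencode, quote, urlsplit, parse_qs

# Endpoint taken from the URL example on this page.
AUTHORIZE_URL = "https://api.lsk.lightspeed.app/oauth/authorize"

# Fixed scope names from the table on this page.
KNOWN_SCOPES = {"orders-api", "financial-api", "items", "propertymanagement",
                "staff-api", "reservations-api"}
# reservation-<platform-code>; the character set of a platform code is an assumption.
PLATFORM_SCOPE = re.compile(r"^reservation-[A-Za-z0-9_-]+$")


def is_valid_scope(scope):
    """True for a scope from the table or a filled-in reservation-<platform-code>."""
    return scope in KNOWN_SCOPES or bool(PLATFORM_SCOPE.match(scope))


def build_authorize_url(client_id, redirect_uri, needed, granted):
    """Return an authorization URL that asks only for the scopes in `needed`."""
    needed = list(dict.fromkeys(needed))  # de-duplicate, keep order
    if not needed:
        # Omitting scope makes the user approve all scopes available to the client.
        raise ValueError("refusing to build a URL without an explicit scope list")
    unknown = [s for s in needed if not is_valid_scope(s)]
    if unknown:
        raise ValueError(f"unknown scope(s): {unknown}")
    missing = [s for s in needed if s not in granted]
    if missing:
        # Only scopes granted to the API client can be requested.
        raise ValueError(f"scope(s) not granted to this API client: {missing}")
    params = {"response_type": "code", "client_id": client_id,
              "redirect_uri": redirect_uri, "scope": " ".join(needed)}
    # quote_via=quote encodes the space separator as %20, as in the page's example.
    return AUTHORIZE_URL + "?" + urlencode(params, quote_via=quote)


def requested_scopes(url):
    """Audit helper: scopes an authorization URL asks for ([] means all scopes)."""
    query = parse_qs(urlsplit(url).query)
    return query.get("scope", [""])[0].split()
```

Running `requested_scopes` over the authorization URLs in an integration's code or logs shows which ones ask for more than the integration needs, or omit the scope parameter entirely.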