The InEvent Access Token has a few different scopes that limits its usage for certain endpoints and operations. Depending on the scope in use, you might get different responses for the same
API call, usually with limited information for the given scope.
This is the scope that gives full access to all your Access Token capabilities, essentially allowing it to do all operations that Access Token is allowed to. If you are an administrator of a
Company or an
Event, this scope will give full access to all data contained in those modules.
This scope gives you limited access to a single
Event your Access Token can access. When accessing it using credentials limited to the Event scope, in case your user has
Admin permission level on the Event environment, it will be automatically downgraded to
User permission level. To gain full
Admin permission level on the Event environment, you must use credentials associated to the System scope.
The System scope is accessible through the
person.signIn endpoint without using the
eventID query attribute. Also, it has its own password specific for its scope.
The Event scope is accessible through the
person.signIn endpoint while using the
eventID query attribute. It has a different password than the System scope. In case you use the same password as the System scope, you will get a System scope access token.
Magic Links are always limited to the Event scope.
Updated about 2 years ago