Understanding Scopes
Carta uses OAuth scopes to control access to our data
Scopes
Carta's API uses Oauth scopes to control access to our data. Our scopes follow this pattern:
read_{resource}: Grants readonly access to the endpoint associated with a resource scope.
readwrite_{resource}: Grants read & modify access to the endpoint associated with a resource scope.
Note
Your application's access to Carta data will match the user who granted you that access. For example, when you submit a call to our Issuer API, we verify the user's current role to confirm they still have appropriate access. Note that company administrators can freely change their users' roles, and if you attempt to access the API after the user no longer has appropriate access we will respond with a
403 Forbiddenerror with reasonMISSING_INTERNAL_PERMISSION. See Permissions and Roles for more information about Carta's account roles.
Available scopes
| Scope | Description |
|---|---|
read_draftissuers | Reads details about a draft issuer. |
readwrite_draftissuers | Reads and writes details about a draft issuer. |
read_investor_firms | Reads information about investor firms. |
read_investor_funds | Reads information about investor funds. |
read_investor_investments | Reads information about investor investments. |
read_investor_capitalizationtables | Reads the capitalization tables of investor investments. |
read_issuer_capitalizationtablesummary | Reads the summary capitalization table of an issuer. |
read_issuer_info | Reads issuer details such as name, description, and website. |
read_issuer_securities | Reads details of issuer securities such as options, RSUs, RSAs, and certificates. |
read_issuer_shareclasses | Reads share class information about an issuer. |
read_issuer_stakeholders | Reads details about stakeholders who have received equity from an issuer. |
read_issuer_valuations | Reads valuation information about an issuer. |
read_portfolio_info | Reads basic information about a portfolio such as profile information. |
read_portfolio_securities | Reads basic information about securities in a portfolio (i.e. holdings). |
read_portfolio_transactions | Reads information about a portfolio's security transactions. |
read_user_info | Reads information about the current user such as id, name, and email address. |
We also support three additional scopes related to user information: openid, profile, and email. See the OpenID Connect Basic Client Implementer's Guide for more information on these scopes:
| Scope | Description |
|---|---|
openid | An OpenID Connect scope to access the User Info endpoint. |
profile | An OpenID Connect scope which returns common fields in the id_token. |
email | An OpenID Connect scope which returns email related fields in the id_token. |
Updated 9 days ago