OAuth2 Scopes

OAuth2 scopes allow to limit your app's access to Gorgias user’s account data.

The following scopes can be defined programmatically:

Basic scopes

NameDescription
openidScope required to "login" with Gorgias. Allows Gorgias to act as a OpenID provider.
emailUser email address.
profileBasic user information such as their name.
offlineScope required to use a refresh_token - needed to deal with expiring access_token.

Gorgias scopes

NameDescription
account:read
account:write
Information about your account, including account-wide settings like business hours. The write scope can be used to update the account owner.
users:read
users:write
Users of your helpdesk and any data associated with them, including: email address; first name; last name; bio; role (basic agent, admin, etc.); teams.
customers:read
customers:write
Data associated with your customers, including: email address; first name; last name; language; notes; data received via integrations (such as Shopify).
tickets:read
tickets:write
Ticket views and their settings, as well as tickets with their content, including messages, tags, assignees, etc.
custom_fields:read
custom_fields:write
Custom fields and their configuration.
events:read
events:write
Changes that are being tracked for your account, including events like: ticket created/updated/closed, etc; user created/updated/deleted, etc; rule created/updated/deleted, etc.
integrations:read
integrations:write
HTTP integrations, native integrations, and widgets that are connected to your account.
jobs:read
jobs:write
E.g.: closing 10k tickets, exporting 500k tickets, etc.
macros:read
macros:write
Macros and their configuration.
rules:read
rules:write
Rules and their configuration.
satisfaction_survey:read
satisfaction_survey:write
Satisfaction surveys that have been or will be sent to your customers.
statistics:readSupport metrics calculated for your account.
tags:read
tags:write
Tags that can be added to tickets.
apps:read
apps:write
List and uninstall third party Apps.

Deprecated scopes

NameDescription
write:all

Read and Write permissions to all resources accessible by the user's grant.

Note that that this is a temporary permission and will be removed in the future in favor of more granular scopes. We'll notify you well in advance when that happens to migrate.


Did this page help you?