The Zylo Enterprise API implements API key permissions that provide fine-grained control over the access and capabilities granted to the API key generated within the app. By defining specific permissions for API keys, you can limit access to certain endpoints, resources, or functionalities based on the needs of the application.

Zylo permissions contain a resource type and a read or write permission. For example, an applications:read scope allows for read-only access to the Applications resource. To be able to create, edit and delete Applications, the API key would need a scope of applications:write. To be able to perform both operations, the API key would need both the applications:read and applications:write scope.

List of API Permissions

These permissions are only attached to a Company Token or a Connected App, they cannot be assigned to Zylo Users.

The following table lists the various permissions for the API and a brief description about their uses.

Permission	Description
`admin`	Provides access to account administrative functions
`applications:write`	Provides access to create, update and delete Applications.
`applications:read`	Provides access to read Applications.
`contracts:write`	Provides access to create, update and delete Contracts.
`contracts:read`	Provides access to to read Contracts.
`spend:write`	Provides access to create, update and delete Payments.
`spend:read`	Provides access to read Payments.
`integrations:write`	Provides access to create, update and delete Integrations.
`integrations:read`	Provides access to read Integrations.
`team:write`	Provides access to create, update, and delete Users.
`team:read`	Provides access to read Users.

List of App Permissions

These permissions are only attached to Zylo Users, they cannot be assigned to a Company Token or a Connected App.

The following table lists the various permissions for the Zylo UI and a brief description about their uses.

Permission	UI Label	Description
`admin-panel`	Admin	Provides access to account administrative functions
`app-catalog-admin`	App Catalog Admin	Provides access to read, create, update and delete App Catalog applications.
`app-catalog-admin-read-only`	App Catalog Admin	Provides access to read App Catalog applications.
`apps`	Applications	Provides access to read, create, update and delete Applications.
`apps-read-only`	Applications	Provides access to read Applications.
`automation`	Automations	Provides access to read, create, update and delete automations.
`charges`	Spend	Provides access to read, create, update and delete Payments.
`charges-read-only`	Spend	Provides access to read Payments.
`contracts`	Contracts	Provides access to read, create, update and delete Contracts.
`contracts-read-only`	Contracts	Provides access to read Contracts.
`dashboard-admin`	Dashboard Admin	Provides access to read, create, update and delete Dashboards.
`integrations`	Integrations	Provides access to read, create, update and delete Integrations.
`integrations-read-only`	Integrations	Provides access to read Integrations.
`unmatched-payments`	Unmatched Payments	Provides access to read and update unassigned Payments.
`uploads`	Payment Upload	Provides access to upload payments files to Zylo.
`users`	Team	Provides access to read, create, update, and delete Users.
`users-read-only`	Team	Provides access to read Users.