Announcing our $20m Series A from GV (Google Ventures) and Workday Ventures
Read More
3
Contributors
Guillaume Lebedel
Engineering
Gordon MacDonald
Engineering
Morgan Williams
Design
July 2025

API Key Scopes

Historically, a single API key granted full access to both the unified and platform APIs. To improve security, API keys can now be created with granular scopes that limit what each key is allowed to do.

To improve our security standing, we have implemented API key scopes. These scopes enable customers to select which API parts the API key can access.

Scopes

There are four scopes available when creating an API key, which can be selected in any combination in the Create API key panel:  
- unified.read: allows calls to read‑only unified endpoints.  
- unified.write: allows calls to unified endpoints that update data.  
- platform.read: allows reads of platform‑level data such as Accounts.  
- platform.write: allows platform‑level writes such as creating Accounts and Connect Sessions.

The count of scopes for a given API is now included on the main API keys table. Hovering over the scope count shows the list of scopes for that API key:

Join StackOne

Start saying yes to your customers

All the tools you need to build real-time integrations, at scale, with best-in-class security & privacy.
Get Started Now
The Universal Integration
Layer for Modern Products.
Credits
|
Product
Setup
Product Overview
Our Coverage
Integrations
Company
About
Careers
Contact
Press
Security & Privacy
Resources
Changelog
Blog
Case Studies
Docs
SDKs
Legal