What are scopes?

Scopes are used to manage access to Salesloft data via the API. They represent specific permissions, allowing applications to request only the necessary data and actions. This ensures secure and granular access control by defining what information the application can view or modify.

Why Use Scopes?

Using granular scopes provides significant security and control benefits when integrating applications with Salesloft.

  • Enhanced Security: Granular scopes ensure applications only receive the precise permissions they require. This minimizes the risk of unauthorized access to sensitive Salesloft data.
  • Reduced Impact of Security Breaches: By limiting an application's access, granular scopes reduce the potential damage if an application's security is compromised. It's like giving someone a key to one room rather than the entire house.

Granular scopes are essential for:

  • Data Protection and Compliance: Safeguarding customer data according to specific business and security requirements.
  • Transparency and Visibility: Providing clear insight into the data access granted to integrated applications.
  • Building Customer Trust: Empowering customers with knowledge of an integration's capabilities, fostering confidence in data governance.

Commonly Used Scopes

Salesloft's API provides a range of scopes to control access to different data and functionalities. Here are some of the most commonly used scopes for typical integrations:

  • people:read: "Allows an application to read information about people in Salesloft."
  • accounts:read: "Grants access to retrieve account data, such as company information."
  • activities:read: "Enables the application to view activity logs, including emails, calls, and other interactions."
  • cadences:read: "Provides access to read data about cadences."
  • calls:read: "Allows the application to retrieve call logs and related information."
  • emails:read: "Gives access to read email data."
  • crm:read: "Allows the application to read data related to CRM integrations."
  • team:read: "Allows the application to read data related to team members and their assignments."

Important Notes:

  • The specific scopes required will depend on the functionality of your integration. Always refer to the official Salesloft API documentation for a complete and up-to-date list of available scopes.
  • When requesting scopes, it's essential to adhere to the principle of least privilege and request only the necessary permissions.

Frontend integration scopes

Frontend integrations within Salesloft require the following core scopes to function:

  • person:read: Enables the integration to display information on the Person page.
  • account:read: Enables the integration to display information on the Account page.

These scopes are essential for any frontend integration as they provide the necessary data to operate within the Salesloft user interface.

Privileged scopes

Privileged scopes grant elevated access to sensitive data and functionalities within Salesloft. These scopes should be requested with extreme caution and only when absolutely necessary.

The list of privileged scopes with descriptions is as follows:

  • email_contents:read: "Read email bodies and subjects for Salesloft emails."
  • crm_id_person:write: "Write to the crm_id field of the Person object."
  • crm_id_account:write: "Write to the crm_id field of the Account object."
  • data_control:read: "Read data redaction requests."
  • data_control:write: "Write data redaction requests."
  • external_emails:write: "Write MIME emails for reply tracking processing."

Identifying the right scopes for your application or key

To use the public Salesloft API, your application or API key must have the appropriate scopes.

When you create a connected app, frontend integration, or API key, check the documentation for each endpoint that you intend to use. Each endpoint's documentation page has an authorization section.

This section lists the scopes that grant permission to use the endpoint.

If no scopes are listed there, the endpoint does not require any specific scope, and any Salesloft API key or access token can be used to call it. If multiple scopes are listed, any one of them is sufficient to call the endpoint.
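
The any-of rule above, combined with the least-privilege note and the privileged scope list, can be turned into a scope audit. The following is an added example, not Salesloft code: the endpoint names and the endpoint-to-scope mapping are constructed placeholders that you would fill in from each endpoint's authorization section; only the scope names come from this page.

```python
from itertools import combinations

# Privileged scopes, copied from the list on this page.
PRIVILEGED = {"email_contents:read", "crm_id_person:write", "crm_id_account:write",
              "data_control:read", "data_control:write", "external_emails:write"}

def minimal_scopes(required):
    """Pick the least-privileged scope set that covers every endpoint.

    required maps endpoint -> set of accepted scopes. Any one accepted scope
    is sufficient; an empty set means the endpoint needs no specific scope.
    Brute force over subsets, fine for the handful of scopes one integration uses.
    """
    needs = [set(s) for s in required.values() if s]
    pool = sorted(set().union(*needs))
    covering = [set(c) for n in range(len(pool) + 1)
                for c in combinations(pool, n)
                if all(set(c) & need for need in needs)]
    # Fewest privileged scopes first, then fewest scopes, then a stable order.
    return min(covering, key=lambda c: (len(c & PRIVILEGED), len(c), sorted(c)))

def audit(granted, required):
    """Compare the scopes a key or app holds with what its endpoints need."""
    granted = set(granted)
    return {
        # Endpoints the key cannot call: none of their accepted scopes is held.
        "uncovered": sorted(e for e, s in required.items() if s and not s & granted),
        # Scopes held beyond the recommended minimal set.
        "excess": sorted(granted - minimal_scopes(required)),
        # Privileged scopes held; each one should have a documented reason.
        "privileged": sorted(granted & PRIVILEGED),
    }

# Constructed sample: hypothetical endpoint labels and accepted scopes.
REQUIRED = {
    "example:list_people": {"people:read"},
    "example:list_accounts": {"accounts:read"},
    "example:list_emails": {"emails:read", "email_contents:read"},  # any one works
    "example:no_scope_listed": set(),                               # any key works
}
GRANTED = {"people:read", "accounts:read", "email_contents:read", "data_control:write"}

if __name__ == "__main__":
    print("recommended:", sorted(minimal_scopes(REQUIRED)))
    print("audit:", audit(GRANTED, REQUIRED))
```

In the sample, the key can call every endpoint, but the audit flags both privileged scopes as excess because a non-privileged scope satisfies the same endpoint.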