Auboz API

Scopes

API key scope reference.

API keys use scopes to control access. Assign scopes when creating a key to limit what it can do.

Available Scopes

ScopeAccess
user:readView profile, credits balance, list API keys
user:writeUpdate profile, create and delete API keys
kb:readList and get workspaces, documents, and search
kb:writeCreate/delete workspaces, upload/delete documents
chat:readList and get chat sessions and messages
chat:writeCreate sessions, send messages, query agent

Scope Requirements by Endpoint

Each endpoint documents its required scope. A request with an API key missing the required scope returns 403 Forbidden.

Read Scopes

  • user:readGET /v1/user/me, GET /v1/user/api-keys
  • kb:readGET /v1/kb/workspaces, GET /v1/kb/documents, POST /v1/kb/query
  • chat:readGET /v1/chat/sessions, GET /v1/chat/sessions/:id/messages

Write Scopes

  • user:writePOST /v1/user/api-keys, DELETE /v1/user/api-keys/:id
  • kb:writePOST /v1/kb/workspaces, DELETE /v1/kb/workspaces/:id, POST /upload/init, POST /upload/complete
  • chat:writePOST /v1/chat/sessions, POST /agent

Rate Limits

Request rate limits by plan tier.

Errors

HTTP error codes and response format.

On this page

Available ScopesScope Requirements by EndpointRead ScopesWrite Scopes