This documentation is for WSO2 IoT Server 3.2.0. View the documentation for the latest release.
Device Management API Scopes - IoT Server 3.2.0 - WSO2 Documentation
||
Skip to end of metadata
Go to start of metadata

The permission to invoke the APIs are assigned via scopes. You can define all the scopes and generate an access token that can invoke all the APIs or you can generate an access token that only has the required scope to invoke a specific API. For more information on how to generate the access token, see Obtaining the access token.

Take a look at all the device management API scopes.

ScopeDescription
perm:sign-csrPermission to sign the iOS CSR certificate.
perm:admin:devices:viewPermission to get the details of a device as the administrator.
Managing user roles
perm:roles:addPermission to add a user role.
perm:roles:add-usersPermission to add users to a user role.
perm:roles:updatePermission to update a user role.
perm:roles:permissionsPermission to define device management permissions to the user role.
perm:roles:detailsPermission to view user role details.
perm:roles:viewPermission to view the list of user roles.
perm:roles:create-combined-rolePermission to combine two roles and create one role.
perm:roles:delete Permission to delete a user role.
Managing devices

perm:get-activity

Permission to get the activity details of a device.

perm:devices:delete

Permission to delete a device.

perm:devices:applications

Permission to get the details of the applications installed on a device.

perm:devices:effective-policy

Permission to get the details of the policy that is enforced on a device.

perm:devices:compliance-data

Permission to get the policy compliance details of a device.

perm:devices:features

Permission to get the feature on the device. The operations and policies will be applied to these features.
For example, the camera restriction policy will be applied to the device's camera. In this context, the device's camera is a feature.

perm:devices:operations

Permission to get the device operation details.

perm:devices:search

Permission to search devices.

perm:devices:details

Permission to get the details of a device.

perm:devices:update

Permission to update the device name.

perm:devices:view

Permission to get the details of registered devices.
Managing device policies

perm:policies:remove

Permission to remove one or multiple policies.

perm:policies:priorities

Permission to update the policy priority.

perm:policies:deactivate

Permission to deactivate an already active policy.

perm:policies:get-policy-details

Permission to get all the details of a specific policy.

perm:policies:manage

Permission to add a new policy.

perm:policies:activate

Permission to activate a deactivated policy.

perm:policies:update

Permission to update the policy details.

perm:policies:changes

Permission to publish the policy changes to the existing devices.

perm:policies:get-details

Permission to get the details of all the policies.
Managing users

perm:users:add

Permission to add a new user.

perm:users:details

Permission to get the details of a user.

perm:users:count

Permission to get the total number of users.

perm:users:delete

Permission to delete a user.

perm:users:roles

Permission to get the role details of a user.

perm:users:user-details

Permission to get the details of all the user.

perm:users:credentials

Permission to change the user password.

perm:users:search

Permission to search for a user.

perm:users:is-exist

Permission to get the details on whether the user exists or not.

perm:users:update

Permission to update the user details.

perm:users:send-invitation

Permission to invite users to enroll their devices.
Managing device groups

perm:groups:devices

Permission to get the list of devices in a group.

perm:groups:update

Permission to update a device group.

perm:groups:add

Permission to add a new device group.

perm:groups:device

Permission to get the list of groups that have a specific device.

perm:groups:devices-count

Permission to get the number of devices in a group.

perm:groups:remove

Permission to delete a device group.

perm:groups:groups

Permission to get the list of groups that a user has access to.

perm:groups:groups-view

Permission to get the details of a group.

perm:groups:share

Permission to share a group with users.

perm:groups:count

Permission to get the total number of device groups.

perm:groups:roles

Permission to get the details of the user roles who can access the group.

perm:groups:devices-remove

Permission to remove a device from a group.

perm:groups:devices-add

Permission to add a device to a group.

perm:groups:assign

Permission to assign a device to a group.
Managing device types

perm:device-types:features

Permission to get the feature details of a device.

perm:device-types:types

Permission to get the supported device platforms.
Managing mobile applications

perm:applications:install

Permission to install a mobile application. This invokes an internal API.

perm:applications:uninstall

Permission to uninstall a mobile application.This invokes an internal API.
Managing Notifications

perm:notifications:mark-checked

Permission to update the status of a notification sent to a device,

perm:notifications:view

Permission to view all the notifications sent to a device.
Managing mutual SSL certificate

perm:admin:certificates:delete

Permission to delete a certificate.

perm:admin:certificates:details

Permission to get details of an SSL certificate.

perm:admin:certificates:view

Permission to get the details of all the uploaded mutual SSL certificates.

perm:admin:certificates:add

Permission to add a new certificate.

perm:admin:certificates:verify

Permission to verify the SSL certificate.
Managing iOS devices

perm:ios:enroll

Permission to enroll an iOS device.

perm:ios:view-device

Permission to view the enrolled iOS device details.

perm:ios:apn

Permission to add an Apple Push Notification (APN).

perm:ios:ldap

Permission to add a Lightweight Directory Access Protocol (LDAP).

perm:ios:enterprise-app

Permission to install applications that are developed and published by the organization.

perm:ios:store-application

Permission to install applications from the App Store.

perm:ios:remove-application

Permission to uninstall an application.

perm:ios:app-list

Permission to get the list of applications installed on a device.

perm:ios:profile-list

Permission to add restrictions or configurations to the device as policies. The device stores the policy restriction or configurations as profiles.

perm:ios:lock

Permission to lock an iOS device.

perm:ios:enterprise-wipe

Permission to delete the enterprise-related data on an iOS device and unregister the device.

perm:ios:device-info

Permision to get the device information.

perm:ios:restriction

Permission to enforce restrictions on the device via the restriction policy.

perm:ios:email

Permission to add an email.

perm:ios:cellular

Permission to add an Apple cellular payload.

perm:ios:applications

Permission to view the applications installed on an iOS device.

perm:ios:wifi

Permission to configure the Wi-Fi settings on the device.

perm:ios:ring

Permission to ring the device,

perm:ios:location

Permission to get the device location.

perm:ios:notification

Permission to send a notification to a device.

perm:ios:airplay

Permission to configure settings for connecting to AirPlay destinations.

perm:ios:caldav

Permission to configure the settings for connecting to CalDAV servers.

perm:ios:cal-subscription

Permission to configure settings for calendar subscriptions.

perm:ios:passcode-policy

Permission to configure the password policy

perm:ios:webclip

Permission to add web clip or a shortcut to a web page.

perm:ios:vpn

Permission to specify the VPN settings.

perm:ios:per-app-vpn

Permission to specify the per app VPN settings.

perm:ios:app-to-per-app-vpn

Permission to specify the app to per app VPN settings.

perm:ios:app-lock

Permission to add an application lock.

perm:ios:clear-passcode

Permission to clear the password on the iOS device.

perm:ios:remove-profile

Permission to remove the restrictions that were pushed to the device via the policies. The device stores the policy restriction or configurations as profiles.

perm:ios:get-restrictions

Permission to get the list of restriction that has enforced on the device via the restriction policy.

perm:ios:wipe-data

Permission to format the device.
Managing Android devices

perm:android:enroll

Permission to enroll an Android device.

perm:android:wipe

Permission to carry out a factory reset operation on the device.

perm:android:ring

Permission to ring the device.

perm:android:lock-devices

Permission to lock the device.

perm:android:configure-vpn

Permission to configure the VPN settings.

perm:android:configure-wifi

Permission to configure the Wi-Fi settings.

perm:android:uninstall-application

Permission to uninstall an application that is on a device.

perm:android:manage-configuration

Permission to manage the Android platform configurations.

perm:android:location

Permission to get the device location.

perm:android:install-application

Permission to install applications on a device.

perm:android:mute

Permission to mute a device.

perm:android:change-lock-code

Permission to change the device's password.

perm:android:blacklist-applications

Permissong to blacklist applications.Blacklisting prevents you from using the defined applications. For Android operation systems before Lollipop, when a blacklisted application is clicked a screen is displayed to prevent you from using the app. For the Lollipop Android operating systems and after, the blacklisted apps will be hidden. Blacklisting can be used on both BYOD and COPE devices.

perm:android:set-password-policy

Permission to define a password policy.

perm:android:encrypt-storage

Permission to encrypt data on the device, when the device is locked and make it readable when the passcode is entered.

perm:android:clear-password

Permission to clear the device's password.

perm:android:enterprise-wipe

Permission to unregister a device

perm:android:info

Permission to get the details of a device.

perm:android:view-configuration

Permission to view Android platform configurations.

perm:android:upgrade-firmware

Permission to upgrade the firmware of the device.

perm:android:set-webclip

Permission to create a web clip or a shortcut to a web page.

perm:android:send-notification

Permission to send a message to a device or devices.

perm:android:disenroll

Permission to unregister an Android device.

perm:android:update-application

Permssion to update an application that is installed on the device.

perm:android:unlock-devices

Permission to unlock the device.

perm:android:control-camera

Permission to create a policy to control the device's camera.

perm:android:reboot

Permission to restart the device.

perm:android:logcat

Permission to push logcat of the device to the analytics server. Logcat displays messages in real time and keeps a history so you can view the old messages.
Other

perm:admin-groups:count

Permission to get the total number of device groups as an administrator.
perm:admin-groups:view Permission to get the device group details as an administrator.
perm:admin Permission to create OAuth application and to publish and subscribe to APIs.
perm:admin-users:view Permission to get the details of all the users as an administrator.
perm:view-configuration Permission to view all the platform configurations.
perm:manage-configuration Permission to update the platform configurations.
  • No labels