Scopes control which parts of the Imprest API your application can access. Request only the scopes your app actually needs — users see the scope list during the authorization consent screen.
Money
-----
money_in Manage invoices and receivables
money_out Manage bills and payables
Banking
-------
banking Manage bank connections and transactions
Accounting
----------
accounting Manage chart of accounts
journal_entries Create and manage journal entries
transfers Create account transfers
taxes Manage tax settings
close_books Lock periods and close books
Reporting
---------
reports View financial reports (P&L, Balance Sheet, Cash Flow)
Team
----
settings Manage organization settings
team Manage team members and roles
Payroll
-------
payroll_view View payroll data
payroll_manage Manage payroll runs
Documents
---------
documents Manage documents
Time Tracking
-------------
time_tracking_view View time entries
time_tracking_manage Manage time entries
time_tracking_approve Approve time entries
Scope Grouping in Authorization
--------------------------------
Request multiple scopes space-separated:
scope=money_in+money_out+banking
Users can grant a subset of the requested scopes. Always check the "scope" field in the token response to confirm what was actually granted before making calls that depend on a specific scope.
Scope Naming
------------
Scopes use flat names (e.g., money_in, banking) rather than colon-separated resource:action pairs. Each scope grants full access to its domain.