Permission Scopes and Data Access
Permission scopes define which data models and operations a custom application can access in Flowlu. Scopes restrict application access at the platform level and are enforced across API requests, webhooks, and configuration interfaces.
Scopes are declared in the application manifest and must be approved during installation.
What is a scope
A scope is a permission that grants an application access to one or more ORM models within a Flowlu module.
Each scope defines:
- the module it belongs to,
- the models it covers,
- the allowed access level (read or full).
An application must declare an appropriate scope in order to interact with a specific entity.
Scope examples
Examples of supported scopes include:
- users — access to user models
- user.me — access limited to the current authenticated user
- crm — access to all CRM module models
- crm.accounts — access to CRM account-related models
- crm.deals — access to deal and lead models
- products — access to product models
- fin — access to financial models
- calendar — access to calendar models
- task — access to task models
- knowledgebase — access to knowledge base models
- workspace, orgchart, customlists, and others
An application must declare a scope that explicitly allows access to the target entity.
Scope levels and priority
Scopes may be declared with different access levels, such as read or full.
If the same scope is declared multiple times with different access levels, only the highest access level is applied.
Example:
- crm.read + crm.full → crm.full is used
General vs specific scopes
If an application declares:
- a general module scope (for example, crm), and
- a more specific scope from the same module (for example, crm.accounts),
only the general module scope is applied, and the specific scope is ignored.
This prevents duplicate or conflicting permissions.
Scopes and API access
To perform operations on a specific entity through the API:
- the application must declare a scope that allows access to that entity,
- the user whose token is used must also have permission to access the module.
If either condition is not met, the API request is rejected.
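The resolution rules and the two API conditions described above, modeled as an added example that is not Flowlu's code or manifest schema. The "scope.level" string form, the function names, treating an entity as a scope name, and the assumption that full includes read are illustrative; the sample declaration is constructed. It applies the "specific scope is ignored" rule literally, which shows why pairing a general read scope with a specific full scope is worth catching in review.

```python
# Added example: models the scope rules described on this page.
# The "<scope>.<level>" string form and all names here are assumptions,
# not Flowlu's manifest schema or API.
LEVELS = {"read": 1, "full": 2}


def parse(declared):
    """Split 'crm.accounts.read' into ('crm.accounts', 'read')."""
    name, _, level = declared.rpartition(".")
    if not name or level not in LEVELS:
        raise ValueError(f"scope needs an explicit level: {declared!r}")
    return name, level


def effective_scopes(declared):
    """Collapse a declared list into the scopes that actually apply."""
    best = {}
    for item in declared:
        name, level = parse(item)
        # Same scope declared twice: only the highest level is kept.
        if name not in best or LEVELS[level] > LEVELS[best[name]]:
            best[name] = level
    # A general module scope makes specific scopes of that module ignored.
    general = {n for n in best if "." not in n}
    return {n: lvl for n, lvl in best.items()
            if n in general or n.split(".")[0] not in general}


def api_allowed(scopes, user_modules, entity, needed):
    """Both conditions must hold: app scope covers entity, user can access module."""
    module = entity.split(".")[0]
    if module not in user_modules:
        return False
    granted = scopes.get(module) or scopes.get(entity)
    # Assumption: 'full' includes everything 'read' allows.
    return granted is not None and LEVELS[granted] >= LEVELS[needed]


# Constructed sample declaration, not taken from a real manifest.
DECLARED = ["crm.read", "crm.accounts.full", "task.read", "task.full", "user.me.read"]
EFFECTIVE = effective_scopes(DECLARED)
```

With this declaration the application ends up with read-only access to CRM accounts, because crm.accounts.full is dropped in favour of the general crm.read scope.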
Scopes and webhooks
When creating webhooks:
- Flowlu verifies that the application has a scope allowing access to the target module and model.
- If no suitable scope is declared, the webhook is not created.
Registered webhooks are updated automatically when a new application version is installed, based on the scopes declared in the manifest.
Scopes and UI configuration
Scopes also affect application configuration and UI behavior.
For example:
- entity selectors are shown only for entities covered by the application’s scopes,
- if a scope allows access but the current user does not have permission to the module, the selector is empty,
- previously selected values may display only the entity ID with a “no access” indicator.
Some UI integration points (such as dashboards, menus, or reports) may be registered without declaring a specific scope, but any data access within those integrations still requires appropriate scopes.
Scope visibility during installation
During application installation:
- requested scopes are displayed to the administrator,
- administrators must approve all requested scopes before installation can proceed.
This ensures transparency and controlled access to platform data.