Concepts
Scopes
API scopes that control which identification, signing, flow, and document endpoints your app can call.
Each pasby app is provisioned with scopes. Scopes gate which endpoints you may call and which device patterns are available.
Configure scopes in the pasby console. Request only what your integration needs.
Scope map
| Scope | Endpoint |
|---|---|
identification:same | Identification — same device |
identification:another | Identification — different device |
identification:wildcard | Identification — wildcard |
signing:same | POST /api/v2/signing/same-device |
signing:another | POST /api/v2/signing/different-device |
signing:wildcard | POST /api/v2/signing/wildcard |
document:sign | Document signing — signing, review, refresh |
flow:ping | POST /api/v2/flow/ping |
flow:cancel | POST /api/v2/flow/cancel |
Legacy v1 also exposes flow:authorize and flow:poll — see Migration v1 → v2.
Scope enforcement happens in Console and the pasby backend when your app calls the API.
Actions vs scopes
Flow actions (login, sign, …) describe what the user does. Scopes describe which APIs your app may call. Both must align for a successful integration.