apaleo · OAuth Scopes

apaleo OAuth Scopes

OAuth 2.0 derived

apaleo publishes 10 OAuth 2.0 scopes via the clientCredentials and authorizationCode flows. Scopes are the fine-grained permissions an application requests at authorization time to act against the apaleo API on a user’s behalf.

Tokens are issued from https://identity.apaleo.com/connect/token.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

HospitalityPMSProperty ManagementHotelsAPI-First
Scopes: 10 Flows: clientCredentials, authorizationCode Method: derived

OAuth endpoints

Authorization URL
https://identity.apaleo.com/connect/authorize
Token URL
https://identity.apaleo.com/connect/token
Flows
clientCredentialsauthorizationCode

Scopes (10)

ScopeDescriptionFlows
availability.manage Manage availability authorizationCode, clientCredentials
availability.read Read availability authorizationCode, clientCredentials
folios.manage Manage folios, payments, and invoices authorizationCode, clientCredentials
folios.read Read folios and finance data authorizationCode, clientCredentials
rates.manage Manage rate plans and rates authorizationCode, clientCredentials
rates.read Read rate plans and rates authorizationCode, clientCredentials
reservations.manage Create and manage reservations and bookings authorizationCode, clientCredentials
reservations.read Read reservations and bookings authorizationCode, clientCredentials
setup.manage Manage inventory and configuration authorizationCode, clientCredentials
setup.read Read inventory and configuration authorizationCode, clientCredentials

Source

OAuth Scopes

apaleo-scopes.yml Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/apaleo-openapi.yml
schemes:
- name: oauth2
  source: openapi/apaleo-openapi.yml
  flows:
  - flow: clientCredentials
    tokenUrl: https://identity.apaleo.com/connect/token
  - flow: authorizationCode
    authorizationUrl: https://identity.apaleo.com/connect/authorize
    tokenUrl: https://identity.apaleo.com/connect/token
  description: apaleo uses OAuth 2.0. Obtain a bearer access token from the apaleo identity
    provider and send it in the Authorization header as 'Bearer {token}'. The client-credentials
    and authorization-code grants are supported.
scopes:
- scope: availability.manage
  description: Manage availability
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/apaleo-openapi.yml
- scope: availability.read
  description: Read availability
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/apaleo-openapi.yml
- scope: folios.manage
  description: Manage folios, payments, and invoices
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/apaleo-openapi.yml
- scope: folios.read
  description: Read folios and finance data
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/apaleo-openapi.yml
- scope: rates.manage
  description: Manage rate plans and rates
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/apaleo-openapi.yml
- scope: rates.read
  description: Read rate plans and rates
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/apaleo-openapi.yml
- scope: reservations.manage
  description: Create and manage reservations and bookings
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/apaleo-openapi.yml
- scope: reservations.read
  description: Read reservations and bookings
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/apaleo-openapi.yml
- scope: setup.manage
  description: Manage inventory and configuration
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/apaleo-openapi.yml
- scope: setup.read
  description: Read inventory and configuration
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/apaleo-openapi.yml