Ironclad · OAuth Scopes

Ironclad OAuth Scopes

OAuth 2.0 derived

Ironclad publishes 60 OAuth 2.0 scopes via the authorizationCode and clientCredentials flows. Scopes are the fine-grained permissions an application requests at authorization time to act against the Ironclad API on a user’s behalf.

Tokens are issued from https://na1.ironcladapp.com/oauth/token.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

Contract Lifecycle ManagementCLMContractsLegal TechLegalOpsEnterpriseWorkflowseSignatureClickwrapAIOAuthSCIMWebhooks
Scopes: 60 Flows: authorizationCode, clientCredentials Method: derived

OAuth endpoints

Authorization URL
https://na1.ironcladapp.com/oauth/authorize
Token URL
https://na1.ironcladapp.com/oauth/token
Flows
authorizationCodeclientCredentials

Scopes (60)

ScopeDescriptionFlows
public.entities.createEntities Create Entities authorizationCode, clientCredentials
public.entities.deleteEntities Delete Entities authorizationCode, clientCredentials
public.entities.readEntities Read Entities authorizationCode, clientCredentials
public.entities.readRelationshipTypes Read Relationship Types authorizationCode, clientCredentials
public.entities.updateEntities Update Entities authorizationCode, clientCredentials
public.export.createReports Create Reports authorizationCode, clientCredentials
public.export.readReports Read Reports authorizationCode, clientCredentials
public.obligations.createObligations Create Obligations authorizationCode, clientCredentials
public.obligations.deleteObligations Delete Obligations authorizationCode, clientCredentials
public.obligations.readObligations Read Obligations authorizationCode, clientCredentials
public.obligations.updateObligations Update Obligations authorizationCode, clientCredentials
public.records.applyContractAction Apply Contract Actions authorizationCode, clientCredentials
public.records.createAttachments Create Record Attachments authorizationCode, clientCredentials
public.records.createComments Create Workflow Comments authorizationCode, clientCredentials
public.records.createRecords Create Records authorizationCode, clientCredentials
public.records.createSmartImportRecords Create Records via Smart Import authorizationCode, clientCredentials
public.records.deleteAttachments Delete Record Attachments authorizationCode, clientCredentials
public.records.deleteRecords Delete Records authorizationCode, clientCredentials
public.records.readAttachments Read Record Attachments authorizationCode, clientCredentials
public.records.readRecords Read Records authorizationCode, clientCredentials
public.records.readSchemas Read Record Schemas authorizationCode, clientCredentials
public.records.readSmartImportRecords Read Record Import Details from Smart Import authorizationCode, clientCredentials
public.records.updateRecords Update Records authorizationCode, clientCredentials
public.search.conversational Run Conversational agent Search authorizationCode
public.webhooks.createWebhooks Create Webhooks authorizationCode, clientCredentials
public.webhooks.deleteWebhooks Delete Webhooks authorizationCode, clientCredentials
public.webhooks.readWebhooks Read Webhooks authorizationCode, clientCredentials
public.webhooks.updateWebhooks Update Webhooks authorizationCode, clientCredentials
public.workflows.cancel Cancel Workflows authorizationCode, clientCredentials
public.workflows.cancelSignatureRequests Cancel Signature Requests authorizationCode, clientCredentials
public.workflows.createComments Create Workflow Comments authorizationCode, clientCredentials
public.workflows.createDocuments Create Workflow Documents authorizationCode, clientCredentials
public.workflows.createEmbeddableSignerUrls Create Embeddable Signature Request Recipient URLs authorizationCode, clientCredentials
public.workflows.createSignatureRecipientUrls Create Signature Request Recipient URLs authorizationCode, clientCredentials
public.workflows.createWorkflows Create Workflows authorizationCode, clientCredentials
public.workflows.deleteScheduledSignatureRequest Delete Scheduled Signature Request authorizationCode, clientCredentials
public.workflows.deleteSigners Delete Signers authorizationCode, clientCredentials
public.workflows.pauseAndResume Resume and Pause Workflows authorizationCode, clientCredentials
public.workflows.readApprovals Read Workflow Approvals authorizationCode, clientCredentials
public.workflows.readComments Read Workflow Comments authorizationCode, clientCredentials
public.workflows.readDocuments Read Workflow Documents authorizationCode, clientCredentials
public.workflows.readEmailCommunications Read Workflow Email Communications authorizationCode, clientCredentials
public.workflows.readParticipants Read Workflow Participants authorizationCode, clientCredentials
public.workflows.readRoleAssignees Read Workflow Role Eligible Assignees authorizationCode, clientCredentials
public.workflows.readSchemas Read Workflow Schemas authorizationCode, clientCredentials
public.workflows.readSignStatus Read Sign Status authorizationCode
public.workflows.readSignatures Read Workflow Signatures authorizationCode, clientCredentials
public.workflows.readTurnHistory Read Workflow Turn History authorizationCode, clientCredentials
public.workflows.readWorkflows Read Workflows authorizationCode, clientCredentials
public.workflows.remindSigners Remind Signers authorizationCode, clientCredentials
public.workflows.revertToReview Revert Workflows to Review authorizationCode, clientCredentials
public.workflows.scheduleSendSignatureRequest Schedule Send Signature Request authorizationCode, clientCredentials
public.workflows.sendSignatureRequests Send Signature Requests authorizationCode, clientCredentials
public.workflows.updateApprovals Update Workflow Approvals authorizationCode, clientCredentials
public.workflows.updateRoleAssignment Update Workflow Role Assignment authorizationCode, clientCredentials
public.workflows.updateScheduledSignatureRequest Update Scheduled Signature Request authorizationCode, clientCredentials
public.workflows.updateSignaturePacket Update Signature Packet authorizationCode, clientCredentials
public.workflows.updateSigners Update Signers authorizationCode, clientCredentials
public.workflows.updateWorkflows Update Workflows authorizationCode, clientCredentials
public.workflows.uploadSignedDocuments Upload Signed Workflow Documents authorizationCode, clientCredentials

Source

OAuth Scopes

ironclad-scopes.yml Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/ironclad-public-api-openapi.yml
schemes:
- name: OAuth2
  source: openapi/ironclad-public-api-openapi.yml
  flows:
  - flow: authorizationCode
    authorizationUrl: https://na1.ironcladapp.com/oauth/authorize
    tokenUrl: https://na1.ironcladapp.com/oauth/token
  - flow: clientCredentials
    tokenUrl: https://na1.ironcladapp.com/oauth/token
scopes:
- scope: public.entities.createEntities
  description: Create Entities
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.entities.deleteEntities
  description: Delete Entities
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.entities.readEntities
  description: Read Entities
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.entities.readRelationshipTypes
  description: Read Relationship Types
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.entities.updateEntities
  description: Update Entities
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.export.createReports
  description: Create Reports
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.export.readReports
  description: Read Reports
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.obligations.createObligations
  description: Create Obligations
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.obligations.deleteObligations
  description: Delete Obligations
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.obligations.readObligations
  description: Read Obligations
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.obligations.updateObligations
  description: Update Obligations
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.records.applyContractAction
  description: Apply Contract Actions
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.records.createAttachments
  description: Create Record Attachments
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.records.createComments
  description: Create Workflow Comments
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.records.createRecords
  description: Create Records
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.records.createSmartImportRecords
  description: Create Records via Smart Import
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.records.deleteAttachments
  description: Delete Record Attachments
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.records.deleteRecords
  description: Delete Records
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.records.readAttachments
  description: Read Record Attachments
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.records.readRecords
  description: Read Records
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.records.readSchemas
  description: Read Record Schemas
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.records.readSmartImportRecords
  description: Read Record Import Details from Smart Import
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.records.updateRecords
  description: Update Records
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.search.conversational
  description: Run Conversational agent Search
  flows:
  - authorizationCode
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.webhooks.createWebhooks
  description: Create Webhooks
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.webhooks.deleteWebhooks
  description: Delete Webhooks
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.webhooks.readWebhooks
  description: Read Webhooks
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.webhooks.updateWebhooks
  description: Update Webhooks
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.cancel
  description: Cancel Workflows
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.cancelSignatureRequests
  description: Cancel Signature Requests
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.createComments
  description: Create Workflow Comments
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.createDocuments
  description: Create Workflow Documents
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.createEmbeddableSignerUrls
  description: Create Embeddable Signature Request Recipient URLs
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.createSignatureRecipientUrls
  description: Create Signature Request Recipient URLs
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.createWorkflows
  description: Create Workflows
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.deleteScheduledSignatureRequest
  description: Delete Scheduled Signature Request
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.deleteSigners
  description: Delete Signers
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.pauseAndResume
  description: Resume and Pause Workflows
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.readApprovals
  description: Read Workflow Approvals
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.readComments
  description: Read Workflow Comments
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.readDocuments
  description: Read Workflow Documents
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.readEmailCommunications
  description: Read Workflow Email Communications
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.readParticipants
  description: Read Workflow Participants
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.readRoleAssignees
  description: Read Workflow Role Eligible Assignees
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.readSchemas
  description: Read Workflow Schemas
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.readSignStatus
  description: Read Sign Status
  flows:
  - authorizationCode
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.readSignatures
  description: Read Workflow Signatures
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.readTurnHistory
  description: Read Workflow Turn History
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.readWorkflows
  description: Read Workflows
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.remindSigners
  description: Remind Signers
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.revertToReview
  description: Revert Workflows to Review
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.scheduleSendSignatureRequest
  description: Schedule Send Signature Request
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.sendSignatureRequests
  description: Send Signature Requests
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.updateApprovals
  description: Update Workflow Approvals
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.updateRoleAssignment
  description: Update Workflow Role Assignment
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.updateScheduledSignatureRequest
  description: Update Scheduled Signature Request
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.updateSignaturePacket
  description: Update Signature Packet
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.updateSigners
  description: Update Signers
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.updateWorkflows
  description: Update Workflows
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml
- scope: public.workflows.uploadSignedDocuments
  description: Upload Signed Workflow Documents
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/ironclad-public-api-openapi.yml