Podio · OAuth Scopes

Podio OAuth Scopes

OAuth 2.0 searched

Podio publishes 5 OAuth 2.0 scopes via the authorizationCode flow. Scopes are the fine-grained permissions an application requests at authorization time to act against the Podio API on a user’s behalf.

Tokens are issued from https://api.podio.com/oauth/token/v2.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

Work ManagementCollaborationProject ManagementCRMWorkflowCustom Apps
Scopes: 5 Flows: authorizationCode Method: searched

OAuth endpoints

Authorization URL
https://podio.com/oauth/authorize
Token URL
https://api.podio.com/oauth/token/v2
Flows
authorizationCode

Scopes (5)

ScopeDescriptionFlows
global:all Full access to all accessible areas of Podio. This is the default scope granted when the scope parameter is omitted or empty.
user:[permission] Access to areas related to the authenticated user, such as chat messages through the Conversations API or personal tasks. Decoupled from the other scopes and can be combined with them (space-separated). Permission is one of read, write, delete, or all.
org_[id]:[permission] Access to organizations; the user specifies which specific organizations are made accessible. Permission is one of read, write, delete, or all.
space_[id]:[permission] Access to spaces; the user specifies which specific spaces are made accessible. Granting Space scope also implicitly grants the App scope with identical permissions. Permission is one of read, write, delete, or all.
app_[id]:[permission] Access to apps; the user specifies which specific apps are made accessible. Permission is one of read, write, delete, or all.

Source

OAuth Scopes

podio-scopes.yml Raw ↑
generated: '2026-07-11'
method: searched
source: openapi/podio-openapi.yml
docs: https://developers.podio.com/authentication/scopes
note: >-
  Podio scopes are parameterized as [scope]:[permission] pairs passed in the
  OAuth scope query parameter. Scope types are global, user, org_[id],
  space_[id], and app_[id]; permissions are read, write, delete, and all.
  Scopes are hierarchical (e.g. space access implies equivalent app access;
  user scope is decoupled). Omitting the scope parameter defaults to
  global:all.
schemes:
- name: oauth2Authorization
  source: openapi/podio-openapi.yml
  flows:
  - flow: authorizationCode
    authorizationUrl: https://podio.com/oauth/authorize
    tokenUrl: https://api.podio.com/oauth/token/v2
scopes:
- scope: global:all
  description: >-
    Full access to all accessible areas of Podio. This is the default scope
    granted when the scope parameter is omitted or empty.
  sources:
  - https://developers.podio.com/authentication/scopes
- scope: 'user:[permission]'
  description: >-
    Access to areas related to the authenticated user, such as chat messages
    through the Conversations API or personal tasks. Decoupled from the other
    scopes and can be combined with them (space-separated). Permission is one
    of read, write, delete, or all.
  sources:
  - https://developers.podio.com/authentication/scopes
- scope: 'org_[id]:[permission]'
  description: >-
    Access to organizations; the user specifies which specific organizations
    are made accessible. Permission is one of read, write, delete, or all.
  sources:
  - https://developers.podio.com/authentication/scopes
- scope: 'space_[id]:[permission]'
  description: >-
    Access to spaces; the user specifies which specific spaces are made
    accessible. Granting Space scope also implicitly grants the App scope
    with identical permissions. Permission is one of read, write, delete, or
    all.
  sources:
  - https://developers.podio.com/authentication/scopes
- scope: 'app_[id]:[permission]'
  description: >-
    Access to apps; the user specifies which specific apps are made
    accessible. Permission is one of read, write, delete, or all.
  sources:
  - https://developers.podio.com/authentication/scopes