Toast · OAuth Scopes
Toast OAuth Scopes
OAuth 2.0
derived
Toast publishes 22 OAuth 2.0 scopes via the clientCredentials flow. Scopes are the fine-grained permissions an application requests at authorization time to act against the Toast API on a user’s behalf.
Tokens are issued from https://toast-api-server/authentication/v1/authentication/login.
This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.
Food ServicePoint of SaleRestaurantsHospitality
Scopes: 22
Flows: clientCredentials
Method: derived
OAuth endpoints
Token URL
https://toast-api-server/authentication/v1/authentication/login
https://toast-api-server/authentication/v1/authentication/login
Flows
clientCredentials
clientCredentials
Scopes (22)
| Scope | Description | Flows |
|---|---|---|
| delivery_info.address:read | Allows reading guest delivery address information from the orders API. Optionally used in conjunction with the `orders:read` scope to return the `deliveredDate`, `dispatchedDate`, `deliveryEmployee`, and `deliveryState` fields as part of the `deliveryInfo` field on the Order object. | clientCredentials |
| employees.tax-identifier-masked:read | Allows reading masked tax identifier (SSN) information for employees via expand parameter. | clientCredentials |
| employees.tax-identifier-unmasked:read | Allows reading full unmasked tax identifier (SSN) information for employees via expand parameter. | clientCredentials |
| guest.pi:read | Allows reading guest and curbside pickup information from the orders API. Optionally used in conjunction with the `orders:read` scope to return the `email` and `phone` fields as part of the `checks[].customer` object. | clientCredentials |
| labor.employees:read | Allows reading employee information from the labor API. | clientCredentials |
| labor.employees:write | Allows updating employee information in the labor API. | clientCredentials |
| labor.jobs:write | Allows updating job information in the labor API. | clientCredentials |
| labor.shifts:write | Allows updating shift information in the labor API. | clientCredentials |
| labor:read | Allows reading all data except employees from the labor API. | clientCredentials |
| menus:read | Allows reading from menus API V2. | clientCredentials |
| orders.channel:read | Allows API clients that submit orders to the Toast platform to read from the orders API. To read orders, the API client must have both the orders:read scope and the orders.channel:read scope. API clients that have the orders.channel:read scope can only read the orders that they submitted. They cannot read orders from any other source. | clientCredentials |
| orders.channel:void | ||
| orders.delivery_info:write | Allows updating delivery information from the orders API. | clientCredentials |
| orders.discounts:write | Allows adding discounts to orders using the orders API. | clientCredentials |
| orders.items:write | Allows adding items to orders using the orders API. | clientCredentials |
| orders.orders:write | Allows posting orders orders using the orders API. | clientCredentials |
| orders.payments:write | Allows adding payments and tips to existing orders using the orders API. | clientCredentials |
| orders:read | Allows reading from the orders API with the exception of guest information. If your API client creates orders, then to read orders, it must have both the orders:read scope and the orders.channel:read scope. | clientCredentials |
| orders:void | ||
| restaurants:read | Allows reading from the restaurants API. | clientCredentials |
| stock:read | Allows reading from the stock API. | clientCredentials |
| stock:write | Allows updating stock status for menu items (and modifier option item references) using the stock API. | clientCredentials |