Project API Key Scopes

When creating an API key in the project settings, you can predefine access permissions for that key by selecting the relative scopes. The following table describes the permissions that each scope provides.

ScopeDescription
botEnables communication between a Repeater and the Bright engine
files:readAllows reading files from the storage and verifying targets
files:writeAllows managing files in the storage, for example, uploading or deleting them
integration.repos:readAllows viewing associated repositories, for example, GitHub repositories, Slack channels, or Jira boards
issues:readAllows viewing detected issues
issues:manageAllows managing detected issues, for example assigning a user to an issue, marking an issue as resolved, or retesting an issue
scans:deleteAllows deleting scans
scans:manageAllows managing scans, for example editing scan settings or retesting a scan
scans:readAllows viewing existing scans
scans:runAllows running scans
scans:stopAllows stopping scans
scripts:readAllows viewing repeater’s scripts
scripts:writeAllows creating, editing, and deleting scripts
repeaters:readAllows viewing organization’s repeaters
repeaters:writeAllows creating, editing, and deleting a repeater, as well as testing repeater connection to a network