Read-only Shop access

TonyDowneyTonyDowney Member Posts: 12
The Inventory Levels tutorial here is fantastic https://developers.lightspeedhq.com/retail/tutorials/inventory/ and it only requires the "employee:inventory_read" scope.

But it doesn't give very useful data about the individual shops. All we get back is a Id number - no address or any other identifying information.

But the "Shop" endpoint here https://developers.lightspeedhq.com/retail/endpoints/Shop/ seems to require a much, MUCH higher level of scope, "employee:admin_shops" - which allows access to "view, create, update, and archive shops".

Is there a way to get simple data about a shop (i.e. address) without an admin-level scope?

7 comments

  • jamesratcliffejamesratcliffe Administrator, Lightspeed Staff Posts: 160 moderator
    @TonyDowney The admin scopes aren't higher-level than other scopes. For example, if you get a token with only the 'employee:admin_shops' scope, you won't have access to items.

    If you need access to to items and shops just request those 2 scopes.
    James Ratcliffe
    Lightspeed HQ
  • TonyDowneyTonyDowney Member Posts: 12
    Right - but the "employee:admin_shops" allows access to "view, create, update, and archive shops". That's WAY too broad and permissive when all we need is read-only access. Is there any alternative?
  • jamesratcliffejamesratcliffe Administrator, Lightspeed Staff Posts: 160 moderator
    No, unfortunately. We only have a read-only option for certain scopes.
    James Ratcliffe
    Lightspeed HQ
  • TonyDowneyTonyDowney Member Posts: 12
    So I was wrong. The "Shop" endpoint here https://developers.lightspeedhq.com/retail/endpoints/Shop/ is NOT covered by the "employee:admin_shops" scope. It returns a 403 forbidden error.

    So I'm confused - what scope is required to access this endpoint? Or even better, is there some sort of map that tells us what endpoints are covered by what scopes?
  • jamesratcliffejamesratcliffe Administrator, Lightspeed Staff Posts: 160 moderator
    You need at least one of these scopes will give you read access to shops:

    employee:register
    employee:register_read
    employee:inventory_base
    employee:reports
    employee:workbench
    employee:customers
    employee:customers_read
    employee:admin

    The employee:admin_shops scope only gives write access. This doesn't match its description, so this might be a bug. I'll look into it.
    James Ratcliffe
    Lightspeed HQ
  • TonyDowneyTonyDowney Member Posts: 12
    So I was wrong. The "Shop" endpoint here https://developers.lightspeedhq.com/retail/endpoints/Shop/ is NOT covered by the "employee:admin_shops" scope. It returns a 403 forbidden error.

    What scope is required then?

  • jamesratcliffejamesratcliffe Administrator, Lightspeed Staff Posts: 160 moderator
    You need at least of the scopes listed in my previous comment to have read access to shops.
    James Ratcliffe
    Lightspeed HQ
Sign In or Register to comment.