# Permission Scopes

The Kolo API uses certain scopes to control access to various resources and actions on a customer's account. Each scope allows specific operations on the associated resources. 

Below is a detailed explanation of the available scopes, including the corresponding endpoints and how they work.

## **Scope Descriptions**

| Scope                 | Description                                        |
| --------------------- | -------------------------------------------------- |
| `transaction:list`    | Allows listing all transactions.                   |
| `transaction:view`    | Allows viewing details of a specific transaction.  |
| `transaction:update`  | Allows updating a specific transaction.            |
| `bank_account:list`   | Allows listing all bank accounts.                  |
| `bank_account:view`   | Allows viewing details of a specific bank account. |
| `bank_account:add`    | Allows adding a new bank account.                  |
| `bank_account:update` | Allows updating a specific bank account.           |
| `bank_account:delete` | Allows deleting a specific bank account.           |
| `bank_account:sync`   | Allows synchronizing a specific bank account.      |
| `profile:view`        | Allows viewing the user's profile.                 |

Depending on the use case, make sure to EXPLICITLY state what scopes you are requesting for in your request. 

{% hint style="warning" %}
Note

If any of these scopes are not clearly defined in your initial URL, you won't be able to carry out any of these actions.
{% endhint %}