account=all
combined with scope=wallet:buys:create
can create buys on all of user’s wallets but won’t for example give access to sell on any of their accounts.
scope
parameter in your OAuth2 request. For example, your app may only need to view a user’s accounts and transaction history, but may not need or want the ability to send/receive and buy/sell a digital asset. Multiple permissions should be separated with a comma character in the URL (i.e. &scope=wallet:accounts:read,wallet:transactions:read
).
It’s recommended that you only ask for permissions that your application needs. If you need to obtain more permissions later, you can re-authenticate the user, forcing the user to consider authorizing additional permissions the next time s/he opens the app.
Here is an example request URL with a scope
parameter on the end: