#Scopes
A scope is a permission to access part of your Bitrix24 data or a section of the VibeCode platform. When creating a key, choose the minimal set of scopes sufficient for the task: the fewer permissions a key has, the less impact if it is compromised.
Scopes are selected in the key creation form in two groups — "Bitrix24" and "VibeCode". At least one scope is required. The set of Bitrix24 scopes is locked to the key at the moment of issue. If you add a Bitrix24 scope in the settings of an existing key, GET /v1/me shows it in the list, but the key keeps accessing Bitrix24 data with its original set — requests that need the new scope return a BITRIX_ACCESS_DENIED error. You can obtain a new Bitrix24 scope only by re-issuing the API key or re-creating the application (for an authorization key) with that scope — the procedure is described on the Creating a key page.
For a step-by-step walkthrough of the entire key creation form, see Creating a key.
#How to choose scopes for a task
Quick reference: which scopes you need for a typical application scenario.
| Task | Scopes |
|---|---|
| Dashboard over deals, contacts, companies | crm, user |
Sending messages and notifications to chat (POST /v1/notifications, POST /v1/chats/:dialogId/messages) |
im |
Posting to the Activity Stream (POST /v1/posts) |
log |
| Chatbot in the portal messenger | imbot, im |
| Managing tasks | task, tasks, user |
| Workgroups and projects | sonet_group |
| Working with files on Drive | disk |
| Online store: orders and catalog | sale, catalog |
| Telephony and call log | telephony, call |
| Employee calendar and events | calendar, user |
| Employee profiles and org structure | user, department |
| Application's own data storage | entity |
| Business processes and automation | bizproc |
If several modules are involved in a scenario, specify several scopes.
#Full table of Bitrix24 scopes
The complete list of Bitrix24 scopes.
| Scope | What it grants |
|---|---|
crm |
Deals, leads, contacts, companies, invoices, and other CRM entities |
task |
Tasks. To work with tasks, select together with tasks |
tasks |
Tasks, subtasks, checklists, comments, time tracking. To work with tasks, select together with task |
im |
Sending and reading chat messages |
imbot |
Registering and managing chatbots |
imopenlines |
Open Channels: customer inquiries |
imconnector |
Connectors for external messengers (Open Channels) |
call |
Managing calls and telephony |
telephony |
Integration with external telephony and call management |
bizproc |
Launching and managing business processes |
calendar |
Access to employee calendars and events |
timeman |
Time tracking and attendance control |
catalog |
Working with the commercial catalog and products |
sale |
Orders, payments, deliveries — the online store module |
lists |
Universal lists and list items |
disk |
Uploading, downloading, and managing files on Drive |
entity |
Application's custom data storage |
user |
User profiles — full set of fields |
user_basic |
User profiles — reduced set of fields |
user_brief |
User profiles — minimal set of fields |
user.userfield |
Custom user fields |
department |
Company structure and departments |
landing |
Managing sites and landing pages |
documentgenerator |
Generating documents from templates |
sign.b2e |
Electronic document signing between an employee and the company |
sonet_group |
Workgroups and social network projects |
log |
Activity Stream: posts, comments, reactions |
vote |
Working with polls and votes |
ai_admin |
Administering Bitrix24 AI services |
biconnector |
Business analytics and connecting external BI systems |
booking |
Managing bookings and schedules |
delivery |
Configuring and managing delivery services |
pay_system |
Configuring and managing payment systems |
main |
Basic portal service methods: settings, events |
placement |
Embedding interfaces in various places of Bitrix24 |
userfieldtype |
Registering custom user field types |
humanresources |
Org structure: departments, teams, employees |
mail |
Mailboxes, emails, senders |
contact_center |
Contact Center: placing the application tile (Open Channel connectors). Required for the CONTACT_CENTER placement |
#VibeCode platform scopes
VibeCode platform scopes control access to sections of the platform itself, not to Bitrix24 data.
| Scope | What it grants |
|---|---|
vibe:infra |
Managing servers, tunnels, and infrastructure |
vibe:ai |
Access to the platform's AI models |
vibe:feedback |
Sending feedback via the API |
vibe:search |
Web search across external sources via the platform |
vibe:storage |
Platform file storage: uploading and storing objects |
#Reserved scopes
The "VibeCode" tab of the form has three more scopes — vibe:security, vibe:analytics, vibe:airouter. They are marked in the form and cannot be changed; you do not need to select them separately.
| Scope | Purpose |
|---|---|
vibe:security |
Scanning servers and managing security |
vibe:analytics |
Access to API-call analytics and statistics |
vibe:airouter |
Managing AI providers, models, and credentials |
#Scopes granted automatically
Four platform scopes are added to every personal key automatically — you do not need to select them in the form:
vibe:infravibe:aivibe:searchvibe:storage
The vibe:feedback scope is not granted automatically — check it in the form if the key needs to send feedback via the API.
#Management key scopes
A management key uses a separate set of scopes (vibe:mgmt:keys, vibe:mgmt:portals, vibe:mgmt:feedback) and has no access to Bitrix24 data. Full description — Management keys.