{"templateId":"markdown","sharedDataIds":{"sidebar":"sidebar-sidebars.yaml"},"props":{"metadata":{"markdoc":{"tagList":["admonition"]},"type":"markdown"},"seo":{"title":"API Permissions & Inheritance","siteUrl":"https://developer.flute.com","description":"Documentation and API reference for integrating Flute payment processing.","lang":"en-US","llmstxt":{"hide":true,"excludeFiles":[]}},"dynamicMarkdocComponents":[],"compilationErrors":[],"ast":{"$$mdtype":"Tag","name":"article","attributes":{},"children":[{"$$mdtype":"Tag","name":"Heading","attributes":{"level":1,"id":"api-permissions--inheritance","__idx":0},"children":["API Permissions & Inheritance"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Flute uses a permission model that controls which API operations a token can perform."," ","Permissions are managed at the partner level and automatically inherited by all merchant tokens under that partner."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"api-key-scope","__idx":1},"children":["API Key Scope"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Every API key in Flute is scoped to either a ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["merchant"]}," or a ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["partner"]},":"]},{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Merchant API keys"]}," can only access data and operations for that specific merchant."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Partner API keys"]}," operate across all merchants that belong to the partner."]}]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["When you generate an API key in the Flute dashboard, the API key is automatically associated with your account's scope."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"permission-inheritance","__idx":2},"children":["Permission Inheritance"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["If a merchant belongs to a partner, the merchant's API key ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["inherits the partner's permission set"]},"."," ","The partner's permissions act as an allowlist."," ","They define the maximum set of API operations available to any merchant under that partner."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["This means:"]},{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":["If a permission is ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["enabled"]}," at the partner level, merchant tokens under that partner can use the corresponding API endpoints."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["If a permission is ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["disabled"]}," at the partner level, any request from a merchant token to a restricted endpoint will return ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["403 Forbidden"]}]},"."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Standalone merchants"]}," (not associated with a partner) have full access to all API operations without permission restrictions."]}]},{"$$mdtype":"Tag","name":"Admonition","attributes":{"type":"info"},"children":[{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Permission changes at the partner level take effect immediately for all merchant tokens under that partner."]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"permission-categories","__idx":3},"children":["Permission Categories"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Permissions are organized into the following categories. Each permission controls access to one or more related API endpoints."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"pos--terminal-operations","__idx":4},"children":["POS / Terminal Operations"]},{"$$mdtype":"Tag","name":"div","attributes":{"className":"md-table-wrapper"},"children":[{"$$mdtype":"Tag","name":"table","attributes":{"className":"md"},"children":[{"$$mdtype":"Tag","name":"thead","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"th","attributes":{"data-label":"Permission"},"children":["Permission"]},{"$$mdtype":"Tag","name":"th","attributes":{"data-label":"Description"},"children":["Description"]}]}]},{"$$mdtype":"Tag","name":"tbody","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Start POS Transaction"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Initiate a new transaction on a terminal device"]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Get POS Transactions"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["List POS transactions"]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Get POS Transaction Details"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Retrieve details of a specific POS transaction"]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Cancel POS Transaction"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Cancel a pending POS transaction"]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Print POS Receipt"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Print a transaction receipt on the terminal"]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Get Terminal List"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["List available terminal devices"]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Get Terminal Information"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Retrieve details of a specific terminal"]}]}]}]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"e-commerce-card-not-present","__idx":5},"children":["E-Commerce (Card Not Present)"]},{"$$mdtype":"Tag","name":"div","attributes":{"className":"md-table-wrapper"},"children":[{"$$mdtype":"Tag","name":"table","attributes":{"className":"md"},"children":[{"$$mdtype":"Tag","name":"thead","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"th","attributes":{"data-label":"Permission"},"children":["Permission"]},{"$$mdtype":"Tag","name":"th","attributes":{"data-label":"Description"},"children":["Description"]}]}]},{"$$mdtype":"Tag","name":"tbody","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Auth"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Authorize a card transaction without capturing funds."]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Sale"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Authorize and capture a card transaction in one step."]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Capture"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Capture a previously authorized transaction."]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Void"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Void a transaction before settlement."]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Refund"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Refund a settled transaction."]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Refund Without Reference"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Issue a refund without referencing an original transaction. This is a considerably high-risk transaction type, as funds are debited directly from the merchant’s account even if the original sale was not processed through Flute."]}]}]}]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"ach-transactions","__idx":6},"children":["ACH Transactions"]},{"$$mdtype":"Tag","name":"div","attributes":{"className":"md-table-wrapper"},"children":[{"$$mdtype":"Tag","name":"table","attributes":{"className":"md"},"children":[{"$$mdtype":"Tag","name":"thead","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"th","attributes":{"data-label":"Permission"},"children":["Permission"]},{"$$mdtype":"Tag","name":"th","attributes":{"data-label":"Description"},"children":["Description"]}]}]},{"$$mdtype":"Tag","name":"tbody","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["ACH Debit"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Initiate an ACH debit transaction"]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["ACH Credit"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Initiate an ACH credit transaction"]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["ACH Void"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Void an ACH transaction"]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["ACH Hold"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Place a hold on an ACH transaction"]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["ACH Unhold"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Release a hold on an ACH transaction"]}]}]}]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"payment-management--reporting","__idx":7},"children":["Payment Management & Reporting"]},{"$$mdtype":"Tag","name":"div","attributes":{"className":"md-table-wrapper"},"children":[{"$$mdtype":"Tag","name":"table","attributes":{"className":"md"},"children":[{"$$mdtype":"Tag","name":"thead","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"th","attributes":{"data-label":"Permission"},"children":["Permission"]},{"$$mdtype":"Tag","name":"th","attributes":{"data-label":"Description"},"children":["Description"]}]}]},{"$$mdtype":"Tag","name":"tbody","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["List Transactions"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Retrieve a list of transactions with filtering options"]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Get Transaction Details"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Retrieve full details of a specific transaction"]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Calculate Transaction Amount"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Calculate totals including surcharges and fees"]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Submit Tip Adjustment"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Adjust the tip amount on a transaction"]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Get Settlement Batches"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["List settlement batches"]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Submit Batch for Settlement"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Submit an open batch for settlement"]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Send Receipt by SMS"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Send a transaction receipt via text message"]}]}]}]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"customer-management","__idx":8},"children":["Customer Management"]},{"$$mdtype":"Tag","name":"div","attributes":{"className":"md-table-wrapper"},"children":[{"$$mdtype":"Tag","name":"table","attributes":{"className":"md"},"children":[{"$$mdtype":"Tag","name":"thead","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"th","attributes":{"data-label":"Permission"},"children":["Permission"]},{"$$mdtype":"Tag","name":"th","attributes":{"data-label":"Description"},"children":["Description"]}]}]},{"$$mdtype":"Tag","name":"tbody","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["List Customers"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Retrieve a list of stored customers"]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Get Customer Details"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Retrieve details of a specific customer"]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Manage Customers"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Create, update, and delete customer records"]}]}]}]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"hosted-solutions","__idx":9},"children":["Hosted Solutions"]},{"$$mdtype":"Tag","name":"div","attributes":{"className":"md-table-wrapper"},"children":[{"$$mdtype":"Tag","name":"table","attributes":{"className":"md"},"children":[{"$$mdtype":"Tag","name":"thead","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"th","attributes":{"data-label":"Permission"},"children":["Permission"]},{"$$mdtype":"Tag","name":"th","attributes":{"data-label":"Description"},"children":["Description"]}]}]},{"$$mdtype":"Tag","name":"tbody","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Invoices"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Create and manage hosted invoices"]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Quick Payments"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Create and manage hosted quick payment links"]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Subscriptions"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Create and manage recurring subscription plans"]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Web Components"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Use the Flute JS library for embedded payment forms"]}]}]}]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"features","__idx":10},"children":["Features"]},{"$$mdtype":"Tag","name":"div","attributes":{"className":"md-table-wrapper"},"children":[{"$$mdtype":"Tag","name":"table","attributes":{"className":"md"},"children":[{"$$mdtype":"Tag","name":"thead","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"th","attributes":{"data-label":"Permission"},"children":["Permission"]},{"$$mdtype":"Tag","name":"th","attributes":{"data-label":"Description"},"children":["Description"]}]}]},{"$$mdtype":"Tag","name":"tbody","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Tap to Pay on Mobile"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Enable Tap to Pay functionality on mobile devices"]}]}]}]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"general","__idx":11},"children":["General"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["The following permissions are ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["always enabled"]}," and cannot be disabled:"]},{"$$mdtype":"Tag","name":"div","attributes":{"className":"md-table-wrapper"},"children":[{"$$mdtype":"Tag","name":"table","attributes":{"className":"md"},"children":[{"$$mdtype":"Tag","name":"thead","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"th","attributes":{"data-label":"Permission"},"children":["Permission"]},{"$$mdtype":"Tag","name":"th","attributes":{"data-label":"Description"},"children":["Description"]}]}]},{"$$mdtype":"Tag","name":"tbody","attributes":{},"children":[{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Ping"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Health check endpoint"]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Status"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Service status endpoint"]}]},{"$$mdtype":"Tag","name":"tr","attributes":{},"children":[{"$$mdtype":"Tag","name":"td","attributes":{},"children":[{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Configurations"]}]},{"$$mdtype":"Tag","name":"td","attributes":{},"children":["Retrieve account configuration settings"]}]}]}]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"how-it-works-in-practice","__idx":12},"children":["How It Works in Practice"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["When a merchant belongs to a partner, every API request from that merchant's token is checked against the partner's permission set:"]},{"$$mdtype":"Tag","name":"ol","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":["The request is authenticated using the merchant's API key."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["The system identifies the partner that the merchant belongs to."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["The required permission for the requested endpoint is checked against the partner's permission configuration."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["If the permission is enabled, the request proceeds normally."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["If the permission is disabled, the API returns ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":[{"$$mdtype":"Tag","name":"code","attributes":{},"children":["403 Forbidden"]}]},"."]}]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["For standalone merchants (those not associated with any partner), permission checks are not applied — all API operations are available."]},{"$$mdtype":"Tag","name":"Admonition","attributes":{"type":"success"},"children":[{"$$mdtype":"Tag","name":"p","attributes":{},"children":["If you receive an unexpected ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["403 Forbidden"]}," response, check with your partner administrator to confirm the required permission is enabled for your account."]}]}]},"headings":[{"value":"API Permissions & Inheritance","id":"api-permissions--inheritance","depth":1},{"value":"API Key Scope","id":"api-key-scope","depth":2},{"value":"Permission Inheritance","id":"permission-inheritance","depth":2},{"value":"Permission Categories","id":"permission-categories","depth":2},{"value":"POS / Terminal Operations","id":"pos--terminal-operations","depth":3},{"value":"E-Commerce (Card Not Present)","id":"e-commerce-card-not-present","depth":3},{"value":"ACH Transactions","id":"ach-transactions","depth":3},{"value":"Payment Management & Reporting","id":"payment-management--reporting","depth":3},{"value":"Customer Management","id":"customer-management","depth":3},{"value":"Hosted Solutions","id":"hosted-solutions","depth":3},{"value":"Features","id":"features","depth":3},{"value":"General","id":"general","depth":3},{"value":"How It Works in Practice","id":"how-it-works-in-practice","depth":2}],"frontmatter":{"title":"API Permissions & Inheritance","description":"Understand how API token permissions work and how partner-level permissions inherit down to merchant tokens.","seo":{"title":"API Permissions & Inheritance"}},"lastModified":"2026-06-04T21:55:25.000Z","pagePropGetterError":{"message":"","name":""}},"slug":"/docs/getting-started/api-permissions","userData":{"isAuthenticated":false,"teams":["anonymous"]},"isPublic":true}