When generating an API token, you need to select scope for it. APIs that can be used vary depending on the scope you have selected.
This page describes the APIs that can be used in each scope.

By selecting the "Read" scope, getting data such as user and organization information is allowed.

• Get user
• Get user's departments
• Get user's groups (or roles)
• Get user services
• Get departments
• Get department's users
• Get groups
• Get group's users
• Check the import results
• Export user information
• Export user services
• Export department information
• Export user's departments
• Export job title information
• Export group information
• Export user's groups (or roles)

By selecting the "Read and Write" scope, getting and changing data such as user and organization information are allowed.
However, changing the information of users who belong to the "Administrators" group or the group information to which users belong is not allowed.

• APIs that can be used in the "Read" scope
• Add users
• Update users' login names
• Update user's departments
• Update user services
• Add departments
• Update departments
• Delete departments
• Update department codes
• Add groups
• Update groups
• Delete groups
• Update group codes
• Upload files
• Import user services
• Import department information
• Import user's departments
• Import job title information
• Import group information

The following APIs can be used only when the information of users who do not belong to the "Administrators" group is included.

• Update users
• Delete users

By selecting the "Dangerous Zone" scope, all User API usage is allowed. Changing the information of users who belong to the "Administrators" group and the group information to which users belong is allowed.

• APIs that can be used in the "Read and Write" scope
• Update users
• Delete users
• Update user's groups (or roles)
• Update group's users
• Import user information
• Import user's groups (or roles)