How do I change my OAuth 1 integration's permissions?
The AWeber API protects subscriber and customer privacy by hiding potentially sensitive information from the API by default. We call these permissions for OAuth 1 integrations.
If you need to access certain data in the API, you need to enable the setting in your developer account and when the customer authorizes your integration they'll see a note that lets them know your integration will use that data.
Only request the permissions necessary for your integration to function. They are exclusive, not inclusive. In other words having the manage email permission does not grant you the subscriber data permission.
Note: If you change the permissions settings in your developer account after you obtain access tokens, you will need to generate new tokens by having the customer reauthorize your integration. Otherwise, the AWeber customer will still be able to use your application but functionality that goes beyond the permissions in which they authorized originally will return a 404 Forbidden Error.
Looking for OAuth 2?
If you have an OAuth 2 integration, the permissions are added at the time of authorization based on the scopes you choose. If you need help authenticating see our guide to OAuth 2.
Step by Step Instructions
Follow these instructions to enable one of the permissions for your OAuth 1 integration.
- Log in to your developer account and click "Edit" on the integration you would like to have a new permission setting.
- In the window that pops up the settings for permissions will be near the bottom, beneath your logo. Click the checkbox next to any permissions you need.
- Then just click the save button at the bottom to make sure the changes are applied!
That's it! When your users authorize your integration they will see a screen like this that tells them your integration is requesting extra data from the API:
If you had users authorized before you changed the settings, be sure to let them know they need to reauthorize your integration so you can obtain new access tokens.