Mandatory REST Api Scopes for using the IOS SDK

[mfhaberlach]

Are there any mandatory scopes to use the native IOS SDK with an access token that we obtained by using the OAuth2 Authentication? It seems so.

If we authorize our Demo Account with the Scopes “payments” and “transaction.history” we aren’t able to login to the native SDK. The following error message will be displayed.

But if we authorize our user with full scopes: “payments”, “transactions.history”, “user.profile_readonly”, “user.profile” “user.app-settings”, “payment_instruments”, “user.payout-settings” and “user.subaccounts” for instance, the login just works fine.

Is that an intented behavior?
If yes, which scopes are mandatory?

[Akhila-ramesh]

hi, fixed this issue?

[giulio92]

Hi @mfhaberlach,

Based on our official documentation, the behavior you're experiencing is expected.

To successfully log in and operate the native iOS SDK, certain scopes are mandatory to synchronize merchant configurations.

The reason your first attempt failed is that the SDK requires access to account settings and profile data to initialize the payment interface.

Mandatory Scopes for SDK Functionality

• user.app-settings
  Required to manage mobile app and card reader configurations.
• user.profile_readonly
  Necessary to retrieve merchant identity and account status.
• transactions.history
  Required to view and validate transaction records.

Restricted Scopes for Payments
To actually process transactions or manage cards, you must use the following scopes, which are marked as Restricted in our documentation:

• payments
  To create and process payment checkouts.
• payment_instruments
  To save or tokenize payment cards.

Note
As these are Restricted scopes, they are not granted by default. Your application must be manually verified and enabled by SumUp to use them. Please contact our support team to request activation for your Client ID.

Let us know if you need further assistance!