Permission scopes

Every native API your BooApp calls is gated by a scope. You declare the scopes you use in the submission form; the runtime enforces them and the user grants them.

Declare scopes in the submission form. Users grant medium-tier scopes once; high-tier scopes confirm every call.

Risk tiers

How a scope is granted

Low

Auto-granted. The user is already logged in, so consent is implied.

Medium

Granted once on first call via a bottom-sheet prompt; cached on the install record.

High

Confirmed every single call. Never cached. Used for irreversible or sensitive actions.

All scopes

Auth

ScopeAction it gatesRisk tier

auth.requireLoginGet current user identityLow

Pet Data

ScopeAction it gatesRisk tier

pet.listList the user's petsMedium
pet.readRead a single pet recordMedium
pet.updateUpdate fields on a petHigh

Media

ScopeAction it gatesRisk tier

media.pickImageOpen native image pickerMedium
media.pickVideoOpen native video pickerMedium
media.takePhotoOpen camera directlyMedium

Storage

ScopeAction it gatesRisk tier

storage.uploadUpload file to BooApp-scoped storageMedium

Location

ScopeAction it gatesRisk tier

location.getCurrentRead one-shot geolocationMedium
location.subscribeSubscribe to location updatesMedium

Payment

ScopeAction it gatesRisk tier

payment.requestCharge the user (always confirms)High

Notifications

ScopeAction it gatesRisk tier

notification.sendSchedule a push to the userMedium
notification.receiveReceive pushes targeted at this BooAppMedium

Communication

ScopeAction it gatesRisk tier

chat.openWithOpen chat sheet with another userMedium

Device

ScopeAction it gatesRisk tier

device.shareOpen native share sheetLow
device.hapticTrigger haptic tapLow
device.scanCodeOpen QR / barcode scannerMedium