# Documentation relatives aux autorisations
Liste des événements disponibles et des autorisations nécessaires.
> #### Utiliser l’API Accounts v2 pour représenter les clients
>
> L’API Accounts v2 est généralement disponible pour les utilisateurs de Connect et en aperçu public pour les autres utilisateurs de Stripe. Si vous avez accès à l’aperçu Accounts v2, vous devez [spécifier une version d’aperçu](https://docs.stripe.com/api-v2-overview.md#sdk-and-api-versioning) dans votre code.
>
> Pour demander l’accès à l’aperçu Accounts v2,
>
> Dans la plupart des cas d’usage, nous vous recommandons de [modéliser vos clients en tant qu’objets Account configurés par le client](https://docs.stripe.com/accounts-v2/use-accounts-as-customers.md), plutôt que d’utiliser des objets [Customer](https://docs.stripe.com/api/customers.md).
Une application Stripe requiert une autorisation pour lire ou écrire des données utilisateur. Cela inclut les situations suivantes :
- Accès aux objets API Stripe : voir [Autorisations relatives aux objets](https://docs.stripe.com/stripe-apps/reference/permissions.md#object)
- S’abonner aux événements : consultez les [Autorisations d’événement](https://docs.stripe.com/stripe-apps/reference/permissions.md#event-permissions)
Pour demander des autorisations, ajoutez-les au tableau `permissions` de votre fichier de manifeste d’application. Vous pouvez aussi gérer le tableau via la CLI. Les administrateurs de compte ayant installé votre application doivent accepter les demandes d’autorisation que vous avez ajoutées avant de pouvoir l’utiliser.
Si votre application effectue une action sans en avoir l’autorisation, Stripe peut envoyer une [erreur de requête invalide](https://docs.stripe.com/error-handling.md#invalid-request-errors).
## Gérer les autorisations
Vous pouvez ajouter une autorisation au tableau `permissions` du fichier de manifeste d’application `stripe-app.json` en utilisant la commande suivante :
```bash
stripe apps grant permission "PERMISSION_NAME" "EXPLANATION"
```
Remplacez :
- Remplacez `PERMISSION_NAME` par le nom de l’autorisation. Vous pouvez trouver les noms des autorisations pour les [objets](https://docs.stripe.com/stripe-apps/reference/permissions.md#object) et les [événements](https://docs.stripe.com/stripe-apps/reference/permissions.md#event-permissions) dans les sections ci-dessous.
- `EXPLANATION` avec une explication relative à l’autorisation d’accès. Les utilisateurs voient cette explication lorsqu’ils installent votre application.
Répétez cette étape pour chaque autorisation que vous souhaitez ajouter à votre application.
Par exemple, après avoir ajouté l’autorisation `customer_read`, le fichier du manifeste de votre application pourrait ressembler à ce qui suit :
```json
{
"id": "com.example.app",
"version": "1.2.3",
"name": "Example App",
"icon": "./example_icon_32.png","permissions": [
{
"permission": "customer_read",
"purpose": "Receive access to the customer’s phone number"
}
],
}
```
Pour supprimer une autorisation, vous pouvez aussi utiliser la CLI :
```bash
stripe apps revoke permission "PERMISSION_NAME"
```
## Autorisations relatives aux objets
Pour chaque [objet API](https://docs.stripe.com/api.md) que votre application lit ou écrit, vous devez demander au moins l’une des autorisations correspondantes.
Si vous [développez des objets](https://docs.stripe.com/expand.md) dans les réponses de vos requêtes API, vous devez également demander au moins une autorisation correspondante pour chaque objet API que vous développez.
Product | Resource | Permissions | Description
Billing | Coupons | coupon_read, coupon_write | Grants access to Coupons|https://docs.stripe.com/api/coupons and Coupon events
Billing | Credit notes | credit_note_read, credit_note_write | Grants access to Credit Notes|https://docs.stripe.com/api/credit_notes and Credit Note events.{LineBreak}This permission also implies the following permissions: Invoices (Read)
Billing | Customer portal | customer_portal_read, customer_portal_write | Grants access to Customer Portal|https://docs.stripe.com/api/customer_portal/configurations and Customer Portal events
Billing | Entitlements | entitlement_read | Grants access to Entitlements|https://docs.stripe.com/billing/entitlements and Entitlement events
Billing | Invoices | invoice_read, invoice_write | Grants access to Invoices|https://docs.stripe.com/api/invoices and Invoice events.{LineBreak}This permission also implies the following permission: Credit Notes (Read)
Billing | Meter Events | billing_meter_event_read, billing_meter_event_write | Grants access to Billing Meter Events|https://docs.stripe.com/api/billing/meter-event
Billing | Meters | billing_meter_read, billing_meter_write | Grants access to Billing Meters|https://docs.stripe.com/api/billing/meter and Billing Meter events
Billing | Prices | plan_read, plan_write | Grants access to Prices|https://docs.stripe.com/api/prices and Price events
Billing | Promotion Codes | promotion_code_read, promotion_code_write | Grants access to Promotion Codes|https://docs.stripe.com/api/promotion_codes and Promotion Code events
Billing | Quote | quote_read, quote_write | Grants access to Quotes|https://docs.stripe.com/api/quotes and Quote events.{LineBreak}This permission also implies the following permissions: SKUs (Read) and Products (Read)
Billing | Subscriptions | subscription_read, subscription_write | Grants access to Subscriptions|https://docs.stripe.com/api/subscriptions and Subscription events
Billing | Tax Rates | tax_rate_read, tax_rate_write | Grants access to Tax Rates|https://docs.stripe.com/api/tax_rates and Tax Rate events
Billing | Test clocks | billing_clock_read, billing_clock_write | Grants access to Test clocks|https://stripe.com/docs/billing/testing/test-clocks and Test clock events
Billing | Usage Records | usage_record_read, usage_record_write | Grants access to Usage Records|https://docs.stripe.com/api/subscription_items
Checkout | Checkout Sessions | checkout_session_read, checkout_session_write | Grants access to Sessions|https://docs.stripe.com/api/checkout/sessions and Session events.{LineBreak}This permission also implies the following permissions: Mandates (Read), Payment Intents (Read), Payment Links (Read), Products (Read), Setup Intents (Read), and SKUs (Read)
Connect | Account Links | account_link_write | Grants access to Account Links|https://docs.stripe.com/api/account_links
Connect | Application Fees | application_fee_read, application_fee_write | Grants access to Application Fees|https://docs.stripe.com/api/application_fees and Application Fees events
Connect | Financing Offers | capital_for_platforms_financing_offer_read, capital_for_platforms_financing_offer_write | Grants access to Financial Offers|api/capital/connect_financing_object
Connect | Financing Summary | capital_for_platforms_financing_summary_read | Grants access to Financial Summaries|https://docs.stripe.com/api/capital/financing_summary
Connect | Financing Transactions | capital_for_platforms_financing_transaction_read | Grants access to Financing Transactions|https://docs.stripe.com/api/capital/financing_transactions
Connect | Login Links | edit_link_write | Grants access to Login Links|https://docs.stripe.com/api/accounts/login_link
Connect | Top-ups | top_up_read, top_up_write | Grants access to Top-ups|https://docs.stripe.com/api/topups
Connect | Transfers | transfer_read, transfer_write | Grants access to Transfers|https://docs.stripe.com/api/transfers and Transfer events.{LineBreak}This permission also implies the following permission: Payouts (Read)
Core | Accounts | connected_account_read | Grants access to read Accounts|https://docs.stripe.com/api/accounts
Core | Apple Pay Domains | apple_pay_domain_read, apple_pay_domain_write | Grants access to Apple Pay Domain resources.{LineBreak}To use Apple Pay, you need to register your web domains with Apple. You can find more information here|https://stripe.com/docs/stripe-js/elements/payment-request-button#verifying-your-domain-with-apple-pay
Core | Balance | balance_read | Grants access to Balance|https://docs.stripe.com/api/balance and Balance events
Core | Balance Transaction Source | balance_transaction_source_read | This permission allows you to expand the `source` attribute when retrieving Balance Transactions|https://docs.stripe.com/api/balance_transactions.{LineBreak}Note that this permission also implies the following permissions: Application Fees (Read), Balance (Read), Financing Transactions (Read), Payouts (Read), Transfers (Read), and Balance Transfers (Read)
Core | Charges and Refunds | charge_read, charge_write | Grants access to Charges|https://docs.stripe.com/api/charges and Refunds|https://docs.stripe.com/api/refunds
Core | Confirmation Token | confirmation_token_read | Grants access to Confirmation Tokens|https://docs.stripe.com/api/confirmation_tokens.{LineBreak}This permission allows retrieving Confirmation Token details server-side.
Core | Confirmation Token (client) | confirmation_token_client_read, confirmation_token_client_write | Grants access to Confirmation Tokens|https://docs.stripe.com/api/confirmation_tokens.{LineBreak}This permission allows creating and reading Confirmation Tokens from the client during checkout.
Core | Customer Session | customer_session_read, customer_session_write | Grants access to Customer Sessions|https://docs.stripe.com/api/customer_sessions
Core | Customers | customer_read, customer_write | Grants access to Customers|https://docs.stripe.com/api/customers and Customer events.{LineBreak}This permission also implies the following permission: Billing Clocks (Read)
Core | Disputes | dispute_read, dispute_write | Grants access to Disputes|https://docs.stripe.com/api/disputes
Core | Events | event_read | Grants access to all Events|https://docs.stripe.com/api/events of all types
Core | Files | file_read, file_write | Grants access to Files|https://docs.stripe.com/api/files and File events
Core | Payment Intents | payment_intent_read, payment_intent_write | Grants access to Payment Intents|https://docs.stripe.com/api/payment_intents and PaymentIntent events.{LineBreak}This permission also implies the following permissions: Products (Read) and SKUs (Read)
Core | Payment Links | payment_links_read, payment_links_write | Grants access to Payment Links|https://stripe.com/docs/payments/payment-links and Payment Link events.{LineBreak}This permission also implies the following permissions: Mandates (Read), Products (Read), and SKUs (Read)
Core | Payment Method Configurations | payment_method_configurations_read, payment_method_configurations_write | Grants access to PaymentMethodConfigurations|https://docs.stripe.com/api/payment_method_configurations.
Core | Payment Method Domains | payment_method_domain_read, payment_method_domain_write | Grants access to Payment Method Domains|https://docs.stripe.com/payments/payment-methods/pmd-registration
Core | Payment Methods | payment_method_read, payment_method_write | Grants access to PaymentMethods|https://docs.stripe.com/api/payment_methods and PaymentMethod events.{LineBreak}This permission also implies the following permission: Sources (Read)
Core | Payment Records | payment_records_read, payment_records_write | Grants access to Payment Records|https://docs.stripe.com/api/payment-record
Core | Payouts | payout_read, payout_write | Grants access to Payouts|https://docs.stripe.com/api/payouts and Payout events
Core | Products | product_read, product_write | Grants access to Products|https://docs.stripe.com/api/products and Product events
Core | Setup Intents | setup_intent_read, setup_intent_write | Grants access to SetupIntents|https://docs.stripe.com/api/setup_intents and SetupIntent events.{LineBreak}This permission also implies the following permission: Mandates (Read)
Core | Shipping Rates | shipping_rate_read, shipping_rate_write | Grants access to Shipping Rates|https://docs.stripe.com/api/shipping_rates
Core | Sources | source_read, source_write | Grants access to Sources|https://docs.stripe.com/api/sources
Core | Tokens | token_read, token_write | Grants access to Tokens|https://docs.stripe.com/api/tokens
Issuing | Authorizations | issuing_authorization_read, issuing_authorization_write | Grants access to Authorizations|https://docs.stripe.com/api/issuing/authorizations
Issuing | Cardholders | issuing_cardholder_read, issuing_cardholder_write | Grants access to Cardholders|https://docs.stripe.com/api/issuing/cardholders
Issuing | Cards | issuing_card_read, issuing_card_write | Grants access to Cards|https://docs.stripe.com/api/issuing/cards
Issuing | Credit Ledger | issuing_credit_ledger_read, issuing_credit_ledger_write | Grants access to Issuing Credit Ledger resources including entries, adjustments, and summary
Issuing | Disputes | issuing_dispute_read, issuing_dispute_write | Grants access to Issuing Disputes|https://docs.stripe.com/api/issuing/disputes
Issuing | Issuing Tokens | issuing_token_read, issuing_token_write | Grants access to Issuing Tokens|https://docs.stripe.com/api/issuing/tokens
Issuing | Issuing Tokens Network Data | issuing_token_network_data_read | Grants access to Issuing Tokens|https://docs.stripe.com/api/issuing/tokens Network Data
Issuing | Transactions | issuing_transaction_read, issuing_transaction_write | Grants access to Transactions|https://docs.stripe.com/api/issuing/transactions
Money Management | Recipient Verifications | recipient_verification_read | Grants access to Money Management Recipient Verifications
Orders | Orders | order_read, order_write | Grants access to Orders
Orders | SKUs | sku_read, sku_write | Grants access to Terminal SKUs and SKU|https://docs.stripe.com/api/terminal/hardware_skus events
Provisioning | Provisioning Account Requests | provisioning_account_request_read, provisioning_account_request_write | Grants access to Provisioning Account Requests
Provisioning | Provisioning Projects | provisioning_project_read, provisioning_project_write | Grants access to Provisioning Projects
Provisioning | Provisioning Resources | provisioning_resource_read, provisioning_resource_write | Grants access to Provisioning Resources
Radar | Reviews | review_read, review_write | Grants access to Reviews|https://docs.stripe.com/api/radar/reviews
Reporting | Report Runs and Report Types | report_runs_and_report_types_read | Grants access to Report Types|https://docs.stripe.com/api/reporting/report_type and allows creation of Report Runs|https://docs.stripe.com/api/reporting/report_run.
Stripe Apps | Secrets | secret_read, secret_write | Grants access to Secrets|https://docs.stripe.com/api/secret_management. Apps can only access secrets they create.
Stripe Apps | User Email | user_email_read | Grants access to user emails
Tax | Tax Calculations and Transactions | tax_calculations_and_transactions_read, tax_calculations_and_transactions_write | Grants access to Tax Transactions|https://docs.stripe.com/api/tax/transactions
Tax | Tax Enrollment Information | tax_enrollment_information_read | Grants access to access to Tax Enrollment information
Tax | Tax Liability | tax_liability_read | Grants access to access to Tax Liability report
Tax | Tax Settings and Registrations | tax_settings_read, tax_settings_write | Grants access to Tax Settings|https://docs.stripe.com/api/tax/settings and Tax Registrations|https://docs.stripe.com/api/tax/registrations
Terminal | Configurations | terminal_configuration_read, terminal_configuration_write | Grants access to Configurations|https://docs.stripe.com/api/terminal/configuration
Terminal | Connection Tokens | terminal_connection_token_write | Grants access to Connection Tokens|https://docs.stripe.com/api/terminal/connection_tokens
Terminal | Locations | terminal_location_read, terminal_location_write | Grants access to Locations|https://docs.stripe.com/api/terminal/locations
Terminal | Readers | terminal_reader_read, terminal_reader_write | Grants access to Readers|https://docs.stripe.com/api/terminal/readers
Treasury | Transactions | treasury_transaction_read | Grants access to Treasury Transactions|https://docs.stripe.com/api/treasury/transactions
Webhook | Webhook Endpoints and Event Destinations | webhook_read, webhook_write | Grants access to Webhook Endpoints|https://docs.stripe.com/api/webhook_endpoints and Event Destinations|https://docs.stripe.com/api/v2/core/event-destinations. This is a sensitive permission as it allows subscribing to events from all Stripe APIs, which can expose data across your entire account.
## Autorisations relatives aux événements
Pour chaque [événement](https://docs.stripe.com/api/events/types.md) auquel votre application s’abonne, elle doit demander au moins l’une des autorisations correspondantes.
## See also
- [Documentation du manifeste d’application](https://docs.stripe.com/stripe-apps/reference/app-manifest.md)
- [Fonctionnement des extensions d’interface utilisateur](https://docs.stripe.com/stripe-apps/how-ui-extensions-work.md)