# 権限リファレンス
使用可能なイベントと必要な権限のリスト。
> #### Accounts v2 API を使用した顧客の表現
>
> Accounts v2 API では、Connect ユーザーには一般提供され、その他の Stripe ユーザーには公開プレビューで提供されます。Accounts v2 プレビューの一部である場合は、コードで[プレビューバージョン](https://docs.stripe.com/api-v2-overview.md#sdk-and-api-versioning)を指定する必要があります。
>
> Accounts v2 プレビューへのアクセスをリクエストするには、
>
> ほとんどのユースケースでは、[Customer](https://docs.stripe.com/api/customers.md) オブジェクトを使用するのではなく、[顧客を顧客設定済みの Account オブジェクトとしてモデル化する](https://docs.stripe.com/accounts-v2/use-accounts-as-customers.md)ことをお勧めします。
Stripe アプリがユーザーデータの読み取りや書き込みを行うには、権限が必要です。これには以下の状況が含まれます。
- Stripe API オブジェクトにアクセスする ([オブジェクトの権限](https://docs.stripe.com/stripe-apps/reference/permissions.md#object)を参照)
- イベントのサブスクライブについては、[Event permissions](https://docs.stripe.com/stripe-apps/reference/permissions.md#event-permissions) を参照してください
権限をリクエストするには、アプリマニフェストファイルで `permissions` 配列に権限をリストします。この配列は、CLI から管理することもできます。アプリをインストールするアカウント管理者はアプリを使用する前に、リストされた権限を受け入れる必要があります。
権限がないアクションをアプリが実行しようとすると、Stripe は[無効なリクエストエラー](https://docs.stripe.com/error-handling.md#invalid-request-errors)を返すことがあります。
## 権限を管理する
以下のコマンドを使用すると、`stripe-app.json` アプリマニフェストファイルの `permissions` 配列に権限を追加できます。
```bash
stripe apps grant permission "PERMISSION_NAME" "EXPLANATION"
```
以下を置き換えます。
- `PERMISSION_NAME` を権限名に置き換えます。[オブジェクト](https://docs.stripe.com/stripe-apps/reference/permissions.md#object)と [イベント](https://docs.stripe.com/stripe-apps/reference/permissions.md#event-permissions)の権限名は、以下のセクションで確認できます。
- `EXPLANATION` には、アクセス有効化についての説明が表示されます。この説明は、アプリのインストール時にユーザーに表示されます。
アプリケーションに追加する権限ごとにこの手順を繰り返します。
たとえば、`customer_read` 権限を追加した後のアプリのマニフェストファイルは次のようになります。
```json
{
"id": "com.example.app",
"version": "1.2.3",
"name": "Example App",
"icon": "./example_icon_32.png","permissions": [
{
"permission": "customer_read",
"purpose": "Receive access to the customer’s phone number"
}
],
}
```
権限の削除には、CLI を使用することもできます。
```bash
stripe apps revoke permission "PERMISSION_NAME"
```
## オブジェクトの権限
アプリが読み取りまたは書き込みする [API オブジェクト](https://docs.stripe.com/api.md)ごとに、対応する権限を少なくとも 1 つリクエストする必要があります。
API リクエストのレスポンスで[オブジェクトを拡張](https://docs.stripe.com/expand.md)する場合は、拡張する API オブジェクトごとに対応する権限を少なくとも 1 つリクエストすることも必要になります。
Product | Resource | Permissions | Description
Billing | Coupons | coupon_read, coupon_write | Grants access to Coupons|https://docs.stripe.com/api/coupons and Coupon events
Billing | Credit notes | credit_note_read, credit_note_write | Grants access to Credit Notes|https://docs.stripe.com/api/credit_notes and Credit Note events.{LineBreak}This permission also implies the following permissions: Invoices (Read)
Billing | Customer portal | customer_portal_read, customer_portal_write | Grants access to Customer Portal|https://docs.stripe.com/api/customer_portal/configurations and Customer Portal events
Billing | Entitlements | entitlement_read | Grants access to Entitlements|https://docs.stripe.com/billing/entitlements and Entitlement events
Billing | Invoices | invoice_read, invoice_write | Grants access to Invoices|https://docs.stripe.com/api/invoices and Invoice events.{LineBreak}This permission also implies the following permission: Credit Notes (Read)
Billing | Meter Events | billing_meter_event_read, billing_meter_event_write | Grants access to Billing Meter Events|https://docs.stripe.com/api/billing/meter-event
Billing | Meters | billing_meter_read, billing_meter_write | Grants access to Billing Meters|https://docs.stripe.com/api/billing/meter and Billing Meter events
Billing | Prices | plan_read, plan_write | Grants access to Prices|https://docs.stripe.com/api/prices and Price events
Billing | Promotion Codes | promotion_code_read, promotion_code_write | Grants access to Promotion Codes|https://docs.stripe.com/api/promotion_codes and Promotion Code events
Billing | Quote | quote_read, quote_write | Grants access to Quotes|https://docs.stripe.com/api/quotes and Quote events.{LineBreak}This permission also implies the following permissions: SKUs (Read) and Products (Read)
Billing | Subscriptions | subscription_read, subscription_write | Grants access to Subscriptions|https://docs.stripe.com/api/subscriptions and Subscription events
Billing | Tax Rates | tax_rate_read, tax_rate_write | Grants access to Tax Rates|https://docs.stripe.com/api/tax_rates and Tax Rate events
Billing | Test clocks | billing_clock_read, billing_clock_write | Grants access to Test clocks|https://stripe.com/docs/billing/testing/test-clocks and Test clock events
Billing | Usage Records | usage_record_read, usage_record_write | Grants access to Usage Records|https://docs.stripe.com/api/subscription_items
Checkout | Checkout Sessions | checkout_session_read, checkout_session_write | Grants access to Sessions|https://docs.stripe.com/api/checkout/sessions and Session events.{LineBreak}This permission also implies the following permissions: Mandates (Read), Payment Intents (Read), Payment Links (Read), Products (Read), Setup Intents (Read), and SKUs (Read)
Connect | Account Links | account_link_write | Grants access to Account Links|https://docs.stripe.com/api/account_links
Connect | Application Fees | application_fee_read, application_fee_write | Grants access to Application Fees|https://docs.stripe.com/api/application_fees and Application Fees events
Connect | Financing Offers | capital_for_platforms_financing_offer_read, capital_for_platforms_financing_offer_write | Grants access to Financial Offers|api/capital/connect_financing_object
Connect | Financing Summary | capital_for_platforms_financing_summary_read | Grants access to Financial Summaries|https://docs.stripe.com/api/capital/financing_summary
Connect | Financing Transactions | capital_for_platforms_financing_transaction_read | Grants access to Financing Transactions|https://docs.stripe.com/api/capital/financing_transactions
Connect | Login Links | edit_link_write | Grants access to Login Links|https://docs.stripe.com/api/accounts/login_link
Connect | Top-ups | top_up_read, top_up_write | Grants access to Top-ups|https://docs.stripe.com/api/topups
Connect | Transfers | transfer_read, transfer_write | Grants access to Transfers|https://docs.stripe.com/api/transfers and Transfer events.{LineBreak}This permission also implies the following permission: Payouts (Read)
Core | Accounts | connected_account_read | Grants access to read Accounts|https://docs.stripe.com/api/accounts
Core | Apple Pay Domains | apple_pay_domain_read, apple_pay_domain_write | Grants access to Apple Pay Domain resources.{LineBreak}To use Apple Pay, you need to register your web domains with Apple. You can find more information here|https://stripe.com/docs/stripe-js/elements/payment-request-button#verifying-your-domain-with-apple-pay
Core | Balance | balance_read | Grants access to Balance|https://docs.stripe.com/api/balance and Balance events
Core | Balance Transaction Source | balance_transaction_source_read | This permission allows you to expand the `source` attribute when retrieving Balance Transactions|https://docs.stripe.com/api/balance_transactions.{LineBreak}Note that this permission also implies the following permissions: Application Fees (Read), Balance (Read), Financing Transactions (Read), Payouts (Read), Transfers (Read), and Balance Transfers (Read)
Core | Charges and Refunds | charge_read, charge_write | Grants access to Charges|https://docs.stripe.com/api/charges and Refunds|https://docs.stripe.com/api/refunds
Core | Confirmation Token | confirmation_token_read | Grants access to Confirmation Tokens|https://docs.stripe.com/api/confirmation_tokens.{LineBreak}This permission allows retrieving Confirmation Token details server-side.
Core | Confirmation Token (client) | confirmation_token_client_read, confirmation_token_client_write | Grants access to Confirmation Tokens|https://docs.stripe.com/api/confirmation_tokens.{LineBreak}This permission allows creating and reading Confirmation Tokens from the client during checkout.
Core | Customer Session | customer_session_read, customer_session_write | Grants access to Customer Sessions|https://docs.stripe.com/api/customer_sessions
Core | Customers | customer_read, customer_write | Grants access to Customers|https://docs.stripe.com/api/customers and Customer events.{LineBreak}This permission also implies the following permission: Billing Clocks (Read)
Core | Disputes | dispute_read, dispute_write | Grants access to Disputes|https://docs.stripe.com/api/disputes
Core | Events | event_read | Grants access to all Events|https://docs.stripe.com/api/events of all types
Core | Files | file_read, file_write | Grants access to Files|https://docs.stripe.com/api/files and File events
Core | Payment Intents | payment_intent_read, payment_intent_write | Grants access to Payment Intents|https://docs.stripe.com/api/payment_intents and PaymentIntent events.{LineBreak}This permission also implies the following permissions: Products (Read) and SKUs (Read)
Core | Payment Links | payment_links_read, payment_links_write | Grants access to Payment Links|https://stripe.com/docs/payments/payment-links and Payment Link events.{LineBreak}This permission also implies the following permissions: Mandates (Read), Products (Read), and SKUs (Read)
Core | Payment Method Configurations | payment_method_configurations_read, payment_method_configurations_write | Grants access to PaymentMethodConfigurations|https://docs.stripe.com/api/payment_method_configurations.
Core | Payment Method Domains | payment_method_domain_read, payment_method_domain_write | Grants access to Payment Method Domains|https://docs.stripe.com/payments/payment-methods/pmd-registration
Core | Payment Methods | payment_method_read, payment_method_write | Grants access to PaymentMethods|https://docs.stripe.com/api/payment_methods and PaymentMethod events.{LineBreak}This permission also implies the following permission: Sources (Read)
Core | Payment Records | payment_records_read, payment_records_write | Grants access to Payment Records|https://docs.stripe.com/api/payment-record
Core | Payouts | payout_read, payout_write | Grants access to Payouts|https://docs.stripe.com/api/payouts and Payout events
Core | Products | product_read, product_write | Grants access to Products|https://docs.stripe.com/api/products and Product events
Core | Setup Intents | setup_intent_read, setup_intent_write | Grants access to SetupIntents|https://docs.stripe.com/api/setup_intents and SetupIntent events.{LineBreak}This permission also implies the following permission: Mandates (Read)
Core | Shipping Rates | shipping_rate_read, shipping_rate_write | Grants access to Shipping Rates|https://docs.stripe.com/api/shipping_rates
Core | Sources | source_read, source_write | Grants access to Sources|https://docs.stripe.com/api/sources
Core | Tokens | token_read, token_write | Grants access to Tokens|https://docs.stripe.com/api/tokens
Issuing | Authorizations | issuing_authorization_read, issuing_authorization_write | Grants access to Authorizations|https://docs.stripe.com/api/issuing/authorizations
Issuing | Cardholders | issuing_cardholder_read, issuing_cardholder_write | Grants access to Cardholders|https://docs.stripe.com/api/issuing/cardholders
Issuing | Cards | issuing_card_read, issuing_card_write | Grants access to Cards|https://docs.stripe.com/api/issuing/cards
Issuing | Credit Ledger | issuing_credit_ledger_read, issuing_credit_ledger_write | Grants access to Issuing Credit Ledger resources including entries, adjustments, and summary
Issuing | Disputes | issuing_dispute_read, issuing_dispute_write | Grants access to Issuing Disputes|https://docs.stripe.com/api/issuing/disputes
Issuing | Issuing Tokens | issuing_token_read, issuing_token_write | Grants access to Issuing Tokens|https://docs.stripe.com/api/issuing/tokens
Issuing | Issuing Tokens Network Data | issuing_token_network_data_read | Grants access to Issuing Tokens|https://docs.stripe.com/api/issuing/tokens Network Data
Issuing | Transactions | issuing_transaction_read, issuing_transaction_write | Grants access to Transactions|https://docs.stripe.com/api/issuing/transactions
Money Management | Recipient Verifications | recipient_verification_read | Grants access to Money Management Recipient Verifications
Orders | Orders | order_read, order_write | Grants access to Orders
Orders | SKUs | sku_read, sku_write | Grants access to Terminal SKUs and SKU|https://docs.stripe.com/api/terminal/hardware_skus events
Provisioning | Provisioning Account Requests | provisioning_account_request_read, provisioning_account_request_write | Grants access to Provisioning Account Requests
Provisioning | Provisioning Projects | provisioning_project_read, provisioning_project_write | Grants access to Provisioning Projects
Provisioning | Provisioning Resources | provisioning_resource_read, provisioning_resource_write | Grants access to Provisioning Resources
Radar | Reviews | review_read, review_write | Grants access to Reviews|https://docs.stripe.com/api/radar/reviews
Reporting | Report Runs and Report Types | report_runs_and_report_types_read | Grants access to Report Types|https://docs.stripe.com/api/reporting/report_type and allows creation of Report Runs|https://docs.stripe.com/api/reporting/report_run.
Stripe Apps | Secrets | secret_read, secret_write | Grants access to Secrets|https://docs.stripe.com/api/secret_management. Apps can only access secrets they create.
Stripe Apps | User Email | user_email_read | Grants access to user emails
Tax | Tax Calculations and Transactions | tax_calculations_and_transactions_read, tax_calculations_and_transactions_write | Grants access to Tax Transactions|https://docs.stripe.com/api/tax/transactions
Tax | Tax Enrollment Information | tax_enrollment_information_read | Grants access to access to Tax Enrollment information
Tax | Tax Liability | tax_liability_read | Grants access to access to Tax Liability report
Tax | Tax Settings and Registrations | tax_settings_read, tax_settings_write | Grants access to Tax Settings|https://docs.stripe.com/api/tax/settings and Tax Registrations|https://docs.stripe.com/api/tax/registrations
Terminal | Configurations | terminal_configuration_read, terminal_configuration_write | Grants access to Configurations|https://docs.stripe.com/api/terminal/configuration
Terminal | Connection Tokens | terminal_connection_token_write | Grants access to Connection Tokens|https://docs.stripe.com/api/terminal/connection_tokens
Terminal | Locations | terminal_location_read, terminal_location_write | Grants access to Locations|https://docs.stripe.com/api/terminal/locations
Terminal | Readers | terminal_reader_read, terminal_reader_write | Grants access to Readers|https://docs.stripe.com/api/terminal/readers
Treasury | Transactions | treasury_transaction_read | Grants access to Treasury Transactions|https://docs.stripe.com/api/treasury/transactions
Webhook | Webhook Endpoints and Event Destinations | webhook_read, webhook_write | Grants access to Webhook Endpoints|https://docs.stripe.com/api/webhook_endpoints and Event Destinations|https://docs.stripe.com/api/v2/core/event-destinations. This is a sensitive permission as it allows subscribing to events from all Stripe APIs, which can expose data across your entire account.
## イベントの権限
アプリが登録する[イベント](https://docs.stripe.com/api/events/types.md)ごとに、対応する権限を少なくとも 1 つリクエストする必要があります。
## See also
- [アプリのマニフェストリファレンス](https://docs.stripe.com/stripe-apps/reference/app-manifest.md)
- [UI Extensions の仕組み](https://docs.stripe.com/stripe-apps/how-ui-extensions-work.md)