Permissions and scopes
Customize the data that is being synced by Kombo.
Only sync the data you need
By default, Kombo syncs all available data from connected systems. This can be pretty convenient for exploring what’s available during development, but as soon as you take Kombo into production, you’ll likely want to restrict what data is extracted and stored for privacy and security reasons.
For this purpose, Kombo provides what we call Scopes. These allow you to configure precisely which models and data points are being extracted and stored. Scopes can, for example, be used to anonymize data by removing all personally identifiable information from the data we store.
How it works
When your customer connects to your product using Kombo Connect and is prompted to create credentials, we dynamically let them know which permissions to set based on your configured scope config.
We allow you to define the scope config on a per-field level. This way, your customers can see exactly which data points you’re accessing, and you can build trust and eradicate concerns during the sales process. We always request as little permissions as possible.