Skip to main content

Deep Dive: Scorpion App Access & Permissions

Donovan Allen
Updated

Deep Dive: Scorpion App Access & Permissions

This article is part of the Scorpion API Deep Dive series.

Related Articles: 

 

1. Accessing the Scorpion Apps Page

From the Projects page (https://scorpion.caveon.com/projects), click the hamburger menu in the top left corner.

Then select Apps.

You can also go directly to:

https://scorpion.caveon.com/apps

 

2. Creating a New App

On the Apps page, click New App.

Name your new App. Example: Scorpion API and App Setup Sample App

After clicking Create, you will be redirected to the App’s settings page, similar to:

https://scorpion.caveon.com/apps/<app_id>/settings

 

3. App Settings Overview

Redirect URL

The Redirect URL determines where users or systems are sent after an authentication flow.

Examples: - https://yourcompany.com/scorpion/callback - https://getscorpion.caveon.com/

Use a URL controlled by your organization.

Description & Image URL

Optional fields used for clarity and branding.

 

4. App Permissions (Full Breakdown)

Permissions control what your app can access and modify within Scorpion.

Least Access Principle (LAP): Enable only the permissions your app explicitly needs.

 

4.1 Delivery Permissions

Controls interaction with individual exam deliveries.

For basic delivery creation, you typically only need: - Create - View (only if your workflow requires reading delivery data)

Permission Description
Create Required for creating new deliveries via API.
Delete Deletes deliveries. Not needed unless explicitly required.
Edit Modifies delivery-level settings. Only enable if needed.
Edit Meta Updates metadata fields on deliveries.
Run Launches/resumes deliveries programmatically.
View Reads delivery state, metadata, or results. Enable only when needed.
Proctor Allows proctor actions (pause, extend time, monitor). Required only for proctor workflows.

 

4.2 Exam Permissions

These permissions are not needed for delivery creation.

Permission Description
Edit Agreements Modify exam agreements.
Edit Meta Edit exam metadata.
Edit Settings Modify exam settings.
Edit Surveys Edit attached surveys.
View Agreements View agreements.
View Settings View settings.
View Surveys View surveys.

 

4.3 Export Permissions

These permissions are not needed for delivery creation.

Permission Description
Content Export exam content. Highly restricted.
Data Export delivery or analytics data.

 

4.4 Item Permissions

These permissions are not needed for delivery creation unless your app manages item banks.

Permission Description
Create Create new items.
Delete Delete items. Restricted.
Edit Modify items.
Edit Meta Update item metadata.
View Read-only access to items.

 

4.5 Manage Permissions

These permissions are generally not needed for delivery creation.

Permission Description
Examinees Manage examinee records. Needed only if your workflow creates examinees.
Forms Manage forms.
Integrations Manage app integrations and webhooks.
Translations Manage translated content.
Users Manage platform users. Highly restricted.

 

4.6 Response Permissions

These permissions are not needed for delivery creation.

Permission Description
Edit Modify candidate responses. Extremely restricted.

 

5. Minimal Permissions for Delivery-Creation Apps

For most API integrations that create deliveries: - Enable: Create - Enable: View (only if needed) - Disable: Everything else in 4.1–4.6

This is the safest configuration and follows LAP.

 

6. Next Steps

After creating your App and setting permissions, continue with:

 

 

 

Related to

Related articles

Comments

0 comments

Please sign in to leave a comment.