Granting OAuth access permissions

For some integrations you need to grant the application permission to access your xMatters account (for example, the one you were installing if you got here by "required permissions").

By doing this, you give the application all the permissions that you have in xMatters. This can include (among other things):

  • accessing user information or group and on-call schedule details.
  • controlling any xMatters Agents or Integration Agents the you have access to.
  • executing scripts on that user's behalf (if you modify the integration scripts, the tool will continue to execute them in that your name).

To control or limit what the application can do in xMatters, we recommend you create a user specific to the integration. Give the user only the permissions the integration needs to function, and use that user's credentials when you are asked to log in.

To complete the consent process (which uses OAuth authentication), this user needs to able to log into the xMatters user interface (for example, the Read-only User or Standard User roles). Besides that, they also need access to the information the integration needs to do its job — usually the REST Web Service User role has all the additional permissions an integration user needs.