To access the API you have to create an access token, and you have to use this token in a request's authorization header. Mozaik allows you to set different scopes for each token so you have full control over your data. There are four scopes:
- Content read: only published documents can be retrieved through the API
- Content write: only document queries (published and unpublished) and document related mutations are allowed
- Project read: only project related queries are allowed
- Project write: only project related mutations are allowed