For more information, please visit open platform
Lark uses permissions to control app feature and determine if an app can call a particular API and get or update certain fields. A permission has three properties: field, API and event.
- •Field: The field an app has permission to access. If the "Obtain user email address" permission is enabled, the app can access the email address field.
- •API: Permission must be enabled to invoke certain APIs. To invoke the "Send message" API, the "Send messages as an app" permission must be enabled.
- •Event: Permission is also required to subscribe to certain events and obtain the corresponding field. For example, if you want to "Obtain private messages sent from a user to a bot", you will have to subscribe to the "Receive messages" event.
Different permissions are available for different types of apps. Some permissions apply to both custom apps and public apps, while others only apply to custom apps.
Enabling permissions
Administrators can apply for app permissions in Lark Developer. On the app details page, click Permissions in the menu on the left and then enable the permissions needed for the app. The permissions will only go into effect after the next version of the app has been submitted and approved.
Basic permissions
Basic permissions are lower risk and can be enabled by developers as needed. The following basic permissions are provided:
Permission Name | Fields | API | Event | Available for | Notes |
Obtain basic user information | name, avatar, description | - | Custom apps Public apps | User name, profile picture, and description | |
Obtain department information | id, name, chat_id, status | - | Custom apps Public apps | ||
Send messages as an app | - | - | Custom apps Public apps | Can only be enabled if bot feature is enabled | |
Obtain private messages sent from a user to a bot | - | - | Custom apps Public apps | Can only be enabled if bot feature is enabled | |
Obtain user messages @ a bot in a group chat | - | - | Custom apps Public apps | Can only be enabled if bot feature is enabled | |
Verify if a user is an app administrator | - | Verify application administrator | - | Custom apps Public apps | Finds out if a user has permission to manage an app |
Advanced permissions
- •Advanced permissions requested by custom apps are reviewed by organization administrators after the app has been submitted for review.
- •The advanced permissions requested by public apps are highlighted on the app page in the Lark App Directory. Organization administrators will consider the permissions required when assessing whether to use the app.
Only request permissions that your app needs to function properly. Otherwise, the organization administrator (for custom apps)/the platform operator (for public apps) may reject your app or decide not to use it.
User
Messages
Group chat
Contacts
Manage apps
Lark Suite