Every authorized application has default permissions that are always granted. The default permissions cannot be revoked.
Each of the following permissions must be explicitly granted. They do not overlap.
When an AWeber customer signs up for your application, the permission settings
at the time of authorization are invoked.
If you decide to change permissions after AWeber customers have authorized your application, the AWeber customer must re-authorize. Otherwise, the AWeber customer will still be able to use your application but functionality that goes beyond the permissions in which they authorized with will return 404 ForbiddenError.
Permissions are exclusive, NOT inclusive. If you ask for schedule broadcast permissions your application will not inherit subscriber data permissions.
The permissions are in place to keep your users' data safe and reassure them that your application is operating in a way they can trust. By default, applications are not permitted to access subscriber data or schedule broadcasts but can request access by doing the following:
When you enable any permissions, your users will see a modified verification page that highlights the permissions level you chose. The following shows a user authorizing an application that asks for subscriber data and requests permissions to schedule broadcast messages.
Once an AWeber customer authorizes your application, your application will have the permissions that were set at the time of authorization.