Skip to main content


Applications provide the API credentials that allow your client- or server-side app to access the Propel API. They represent the web or mobile app you are building. We recommend every web or mobile app to be its own Propel Application.

API authentication guide

Follow our step-by-step Authentication guide to learn how to authenticate API requests with Propel.

Application properties

A Propel Application has a set of OAuth 2.0 client credentials and a list scopes.

OAuth 2.0 client credentials

The OAuth 2.0 client credentials consist of a client identifier and a secret used to request acces tokens that give you scoped access to the Propel API.


Scopes control what an Application can or cannot do on your app’s behalf. When generating an access token for your app, you can choose one or more scopes to include.

Your app can request the following scopes:

adminThe Application has read/write access to Data Sources, Data Pools, and Metrics within its Environment.
metric:queryThe Application can query Metrics within its Environment.
metric:statsThe Application can query Metrics’ Dimension Statistics within its Environment.

The example below uses curl to generate an access token with only the “metric:query” and “metric:stats” scopes. This ensures the generated access token can only query Metrics and Dimension Statistics, not create new Data Sources, delete Metrics or any other admin operations. These scopes would be appropriate for securing customer-facing apps.

curl \
-d grant_type=client_credentials \
-d client_id=$APPLICATION_ID \
-d client_secret=$APPLICATION_SECRET \
-d 'scope=metric:query metric:stats'