Scopes
Every API key carries a scope that limits what it can do. You pick the scope when minting the key; you can’t change it after — to change scope, mint a new key and revoke the old.
The four scopes
USER — full portal-equivalent REST access
What a human in the portal can do, via API. Covers the entire REST surface under /api/scraper-api/.... Cannot use the MCP gateway — USER-scope keys against mcp.scrapewise.ai get 403 scope_rejected.
Pick this for: your own server-side code, CLI scripts, CI pipelines, integrations where you don’t need an AI agent.
LLM_READ — read-only MCP gateway access
For AI agents that you trust to look but not change anything. Can call:
list_*tools (scrapers, groups, schemas, jobs, data)get_*tools (single-entity reads)whoami- Preview tools (
preview_scraper_from_url) — these don’t save state
Cannot call:
create_*/update_*/delete_*tools (any state mutation)run_scraper(jobs cost compute)- Schema or scraper management
Pick this for: Claude Desktop / Claude Code where you want the agent to help you EXPLORE Scrapewise without risk of accidentally deleting a scraper.
LLM_FULL — read + write MCP gateway access
Same as LLM_READ plus all write/destructive operations. Can do anything via MCP that a USER-scope key can do via REST.
Pick this for: AI agents authorized to take actions on your behalf. Claude can create scrapers, run them, delete data. Use deliberately — there’s no separate per-tool consent.
MCP_GATEWAY — internal-only
Used by the MCP gateway service itself to call scraper-api. Not customer-mintable — you can’t create one from the portal. Mentioned here for completeness; you won’t see it in your key list.
Scope × operation matrix
| Operation | USER | LLM_READ | LLM_FULL | MCP_GATEWAY |
|---|---|---|---|---|
REST /api/scraper-api/* | ✅ | — | — | — |
MCP /mcp (read tools) | — | ✅ | ✅ | ✅ |
MCP /mcp (write tools) | — | ❌ | ✅ | ✅ |
MCP /mcp (destructive) | — | ❌ | ✅ | ✅ |
| Portal-managed JWT auth | ✅ | — | — | — |
/whoami | ✅ | ✅ | ✅ | ✅ |
generate_api_key (mint child) | ✅ | ❌ | ❌ | — |
delete_api_key (revoke) | ✅ | ❌ | ❌ | — |
The MCP gateway routes calls through its own scope-filtering layer; USER keys are explicitly rejected by the gateway regardless of which tool they call.
Which scope should I use?
Decision flow:
Will an AI agent be calling Scrapewise?
├── No → USER
└── Yes
├── Should the agent be able to delete / mutate data?
│ ├── No → LLM_READ
│ └── Yes → LLM_FULLWhen in doubt, start narrower. You can always mint a higher-scope key later when you need it.
Scope mismatch — what the error looks like
If you call a tool your scope can’t access, you get:
{
"error": {
"code": "403",
"message": "scope_rejected",
"data": {
"scope": "LLM_READ",
"requiredScope": "LLM_FULL",
"tool": "scrapewise_delete_scraper"
}
}
}(For REST, the same logic returns HTTP 403 with the same envelope structure.)
What’s next
- Mint a key with the right scope → API keys
- Error format details → Errors
- Wire Claude to Scrapewise → MCP quickstart