> ## Documentation Index
> Fetch the complete documentation index at: https://docs.tesouro.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Gets settings for an organization.

> Requires the organization:read:org scope.

**Token types:** APP, USER | **Required scopes:** `organization:read:org`



## OpenAPI

````yaml /.tooling/schemas/rest/tags/product-embedded-banking.json get /identity/v1/organizations/{organizationId}/settings
openapi: 3.1.0
info:
  title: Tesouro Partner API
  version: '2025-06-23'
  description: The Tesouro REST API, for Tesouro partners to integrate with our solution.
  termsOfService: https://tesouro.com/terms
  contact:
    name: Tesouro team
    url: https://tesouro.com/about/
    email: developers@tesouro.com
servers:
  - url: https://api.sandbox.tesouro.com
    description: Sandbox
security: []
tags:
  - name: Applications
  - name: Bank Account Access
  - name: Bank Accounts
  - name: Beneficial Owners
  - name: Disclosures
  - name: Embedded Banking
  - name: External Bank Accounts
  - name: Identity
  - name: MoneyMovements
  - name: Organization
paths:
  /identity/v1/organizations/{organizationId}/settings:
    get:
      tags:
        - Identity
      summary: Gets settings for an organization.
      description: >-
        Requires the organization:read:org scope.


        **Token types:** APP, USER | **Required scopes:**
        `organization:read:org`
      operationId: get_organizations_id_settings
      parameters:
        - name: organizationId
          in: path
          description: The organization ID.
          required: true
          schema:
            type: string
            format: uuid
      responses:
        '200':
          description: Returns the organization settings.
          content:
            text/plain:
              schema:
                $ref: '#/components/schemas/OrganizationSettingsResponseDto'
            application/json:
              schema:
                $ref: '#/components/schemas/OrganizationSettingsResponseDto'
            text/json:
              schema:
                $ref: '#/components/schemas/OrganizationSettingsResponseDto'
        '401':
          description: Unauthorized - no valid JWT token provided.
          content:
            text/plain:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
            application/json:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
            text/json:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
        '403':
          description: >-
            Forbidden - caller lacks required scope or missing organization
            claim.
          content:
            text/plain:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
            application/json:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
            text/json:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
        '500':
          description: Internal server error.
      security:
        - APPToken:
            - organization:read:org
        - USERToken:
            - organization:read:org
components:
  schemas:
    OrganizationSettingsResponseDto:
      type: object
      properties:
        accounting:
          oneOf:
            - type: 'null'
            - $ref: '#/components/schemas/OrganizationSettingsAccountingDto'
        allowPurchaseOrderAutolinking:
          type:
            - 'null'
            - boolean
        currency:
          oneOf:
            - type: 'null'
            - $ref: '#/components/schemas/OrganizationSettingsCurrencyDto'
        defaultBankAccount:
          oneOf:
            - type: 'null'
            - $ref: '#/components/schemas/OrganizationSettingsDefaultBankAccountDto'
        documentIds:
          oneOf:
            - type: 'null'
            - $ref: '#/components/schemas/OrganizationSettingsDocumentIdsDto'
        documentRendering:
          oneOf:
            - type: 'null'
            - $ref: '#/components/schemas/OrganizationSettingsDocumentRenderingDto'
        generatePaidInvoicePdf:
          type:
            - 'null'
            - boolean
        language:
          type:
            - 'null'
            - string
        mail:
          oneOf:
            - type: 'null'
            - $ref: '#/components/schemas/OrganizationSettingsMailDto'
        payablesOcrAutoTagging:
          type:
            - 'null'
            - array
          items:
            $ref: '#/components/schemas/OrganizationSettingsOcrAutoTaggingDto'
        payablesSkipApprovalFlow:
          type:
            - 'null'
            - boolean
        paymentPriority:
          oneOf:
            - type: 'null'
            - $ref: '#/components/schemas/OrganizationSettingsPaymentPriority'
        quoteSignatureRequired:
          type:
            - 'null'
            - boolean
        receivableEditFlow:
          oneOf:
            - type: 'null'
            - $ref: '#/components/schemas/OrganizationSettingsReceivableEditFlow'
        reminder:
          oneOf:
            - type: 'null'
            - $ref: '#/components/schemas/OrganizationSettingsReminderDto'
        taxInclusiveDiscountMode:
          oneOf:
            - type: 'null'
            - $ref: '#/components/schemas/OrganizationSettingsTaxMode'
        taxMode:
          oneOf:
            - type: 'null'
            - $ref: '#/components/schemas/OrganizationSettingsTaxMode'
    ProblemDetails:
      type: object
      properties:
        detail:
          type:
            - 'null'
            - string
        instance:
          type:
            - 'null'
            - string
        status:
          pattern: ^-?(?:0|[1-9]\d*)$
          type:
            - 'null'
            - integer
            - string
          format: int32
        title:
          type:
            - 'null'
            - string
        type:
          type:
            - 'null'
            - string
    OrganizationSettingsAccountingDto:
      type: object
      properties:
        ledgerAccountIds:
          oneOf:
            - type: 'null'
            - $ref: >-
                #/components/schemas/OrganizationSettingsAccountingLedgerAccountIdsDto
        taxIds:
          oneOf:
            - type: 'null'
            - $ref: '#/components/schemas/OrganizationSettingsAccountingTaxIdsDto'
    OrganizationSettingsCurrencyDto:
      type: object
      properties:
        default:
          type:
            - 'null'
            - string
        exchangeRates:
          type:
            - 'null'
            - array
          items:
            $ref: '#/components/schemas/OrganizationSettingsExchangeRateDto'
    OrganizationSettingsDefaultBankAccountDto:
      type: object
      properties:
        id:
          type:
            - 'null'
            - string
          format: uuid
        type:
          oneOf:
            - type: 'null'
            - $ref: '#/components/schemas/OrganizationSettingsDefaultBankAccountType'
    OrganizationSettingsDocumentIdsDto:
      type: object
      properties:
        documentTypePrefix:
          oneOf:
            - type: 'null'
            - $ref: '#/components/schemas/OrganizationSettingsDocumentTypePrefixDto'
        includeDate:
          type:
            - 'null'
            - boolean
        minDigits:
          pattern: ^-?(?:0|[1-9]\d*)$
          type:
            - 'null'
            - integer
            - string
          format: int32
        prefix:
          type:
            - 'null'
            - string
        separator:
          oneOf:
            - type: 'null'
            - $ref: '#/components/schemas/OrganizationSettingsDocumentIdSeparator'
    OrganizationSettingsDocumentRenderingDto:
      type: object
      properties:
        creditNote:
          oneOf:
            - type: 'null'
            - $ref: '#/components/schemas/OrganizationSettingsCreditNoteRenderingDto'
        displayLineItems:
          type:
            - 'null'
            - boolean
        displayOrganizationBankAccount:
          type:
            - 'null'
            - boolean
        invoice:
          oneOf:
            - type: 'null'
            - $ref: '#/components/schemas/OrganizationSettingsInvoiceRenderingDto'
        lineItems:
          oneOf:
            - type: 'null'
            - $ref: '#/components/schemas/OrganizationSettingsLineItemsRenderingDto'
        quote:
          oneOf:
            - type: 'null'
            - $ref: '#/components/schemas/OrganizationSettingsQuoteRenderingDto'
    OrganizationSettingsMailDto:
      type: object
      properties:
        replyTo:
          type:
            - 'null'
            - array
          items:
            type: string
            format: email
    OrganizationSettingsOcrAutoTaggingDto:
      type: object
      properties:
        enabled:
          type:
            - 'null'
            - boolean
        keywords:
          type:
            - 'null'
            - array
          items:
            type: string
        tagId:
          type:
            - 'null'
            - string
          format: uuid
    OrganizationSettingsPaymentPriority:
      enum:
        - balanced
        - bottom_line
        - working_capital
      type: string
    OrganizationSettingsReceivableEditFlow:
      enum:
        - compliant
        - non_compliant
        - partially_compliant
      type: string
    OrganizationSettingsReminderDto:
      type: object
      properties:
        enabled:
          type:
            - 'null'
            - boolean
    OrganizationSettingsTaxMode:
      enum:
        - exclusive
        - inclusive
      type: string
    OrganizationSettingsAccountingLedgerAccountIdsDto:
      type: object
      properties:
        payments:
          type:
            - 'null'
            - string
          format: uuid
        products:
          type:
            - 'null'
            - string
          format: uuid
    OrganizationSettingsAccountingTaxIdsDto:
      type: object
      properties:
        deductions:
          type:
            - 'null'
            - string
          format: uuid
    OrganizationSettingsExchangeRateDto:
      type: object
      properties:
        base:
          type:
            - 'null'
            - string
        rate:
          pattern: ^-?(?:0|[1-9]\d*)(?:\.\d+)?(?:[eE][+-]?\d+)?$
          type:
            - 'null'
            - number
            - string
          format: double
        to:
          type:
            - 'null'
            - string
    OrganizationSettingsDefaultBankAccountType:
      enum:
        - BANK_DETAILS
        - EXTERNAL
        - INTERNAL
      type: string
    OrganizationSettingsDocumentTypePrefixDto:
      type: object
      properties:
        creditNote:
          type:
            - 'null'
            - string
        deliveryNote:
          type:
            - 'null'
            - string
        invoice:
          type:
            - 'null'
            - string
        purchaseOrder:
          type:
            - 'null'
            - string
        quote:
          type:
            - 'null'
            - string
    OrganizationSettingsDocumentIdSeparator:
      enum:
        - '-'
        - .
        - ''
        - '|'
        - /
      type: string
    OrganizationSettingsCreditNoteRenderingDto:
      type: object
      properties:
        displayOrganizationBankAccount:
          type:
            - 'null'
            - boolean
    OrganizationSettingsInvoiceRenderingDto:
      type: object
      properties:
        displayOrganizationBankAccount:
          type:
            - 'null'
            - boolean
    OrganizationSettingsLineItemsRenderingDto:
      type: object
      properties:
        discount:
          oneOf:
            - type: 'null'
            - $ref: '#/components/schemas/OrganizationSettingsLineItemColumnDto'
        measureUnit:
          oneOf:
            - type: 'null'
            - $ref: '#/components/schemas/OrganizationSettingsLineItemColumnDto'
        name:
          oneOf:
            - type: 'null'
            - $ref: '#/components/schemas/OrganizationSettingsLineItemColumnDto'
        price:
          oneOf:
            - type: 'null'
            - $ref: >-
                #/components/schemas/OrganizationSettingsLineItemNumericColumnDto
        priceAfterTax:
          oneOf:
            - type: 'null'
            - $ref: >-
                #/components/schemas/OrganizationSettingsLineItemNumericColumnDto
        quantity:
          oneOf:
            - type: 'null'
            - $ref: '#/components/schemas/OrganizationSettingsLineItemColumnDto'
        taxRate:
          oneOf:
            - type: 'null'
            - $ref: >-
                #/components/schemas/OrganizationSettingsLineItemNumericColumnDto
        totalPrice:
          oneOf:
            - type: 'null'
            - $ref: >-
                #/components/schemas/OrganizationSettingsLineItemNumericColumnDto
        totalPriceAfterTax:
          oneOf:
            - type: 'null'
            - $ref: >-
                #/components/schemas/OrganizationSettingsLineItemNumericColumnDto
        vatAmount:
          oneOf:
            - type: 'null'
            - $ref: >-
                #/components/schemas/OrganizationSettingsLineItemNumericColumnDto
    OrganizationSettingsQuoteRenderingDto:
      type: object
      properties:
        displayOrganizationBankAccount:
          type:
            - 'null'
            - boolean
        displaySignature:
          type:
            - 'null'
            - boolean
    OrganizationSettingsLineItemColumnDto:
      type: object
      properties:
        display:
          type:
            - 'null'
            - boolean
        label:
          type:
            - 'null'
            - string
    OrganizationSettingsLineItemNumericColumnDto:
      type: object
      properties:
        display:
          type:
            - 'null'
            - boolean
        label:
          type:
            - 'null'
            - string
        precision:
          pattern: ^-?(?:0|[1-9]\d*)$
          type:
            - 'null'
            - integer
            - string
          format: int32
  securitySchemes:
    APPToken:
      type: oauth2
      description: Application (M2M) OAuth2 access token (client credentials).
      flows:
        clientCredentials:
          tokenUrl: /connect/token
          scopes:
            acceptor:application:read: >-
              View merchant boarding applications, including business and
              ownership details. Contains sensitive personally identifiable
              information.
            acceptor:application:secondaryapproval: >-
              Provide a secondary approval on merchant boarding and underwriting
              applications as part of a multi-step review.
            acceptor:application:write: >-
              Edit, approve, and manage merchant boarding and underwriting
              applications, and attach supporting documents.
            accounting_config:read:org: >-
              View ledger accounts, tax rates, cost centers, tags, and projects
              configured for your organization.
            accounting_config:write:org: >-
              Create and update ledger accounts, tax rates, cost centers, tags,
              and projects for your organization.
            acquiring:report:read: >-
              View transaction and settlement reports for your acquiring
              activity.
            approval_policy:read:org: >-
              View approval workflows and spending policies configured for your
              organization.
            approval_policy:write:org: >-
              Create and update approval workflows and spending policies for
              your organization.
            approval_request:create:org: >-
              Submit items for approval within your organization's approval
              workflows.
            approval_request:delete:org: Delete approval requests within your organization.
            approval_request:read:org: >-
              View pending and completed approval requests across your
              organization.
            approval_request:update:org: >-
              Edit and update existing approval requests within your
              organization.
            authorization_control:read:org: Read access to authorization control at the organization level.
            bank_account_application:read:org: >-
              View submitted applications to open bank accounts within your
              organization.
            bank_account_application:write:org: >-
              Submit and manage applications to open new bank accounts within
              your organization.
            bank_account:read:org: View bank account details and balances within your organization.
            bank_account:write:org: Create, update, and close bank accounts within your organization.
            beneficial_owner:read:org: >-
              View beneficial ownership information, including individuals'
              ownership stakes and identifying details.
            comment:read:org: >-
              View comments and notes added to financial records across your
              organization.
            comment:write:org: >-
              Add and manage comments and notes on financial records across your
              organization.
            counterpart:read:org: >-
              View the suppliers and clients your organization transacts with.
              Counterparts are required before creating invoices, quotes, and
              other financial documents.
            counterpart:write:org: >-
              Add and update the suppliers and clients your organization
              transacts with. Counterparts are required before creating
              invoices, quotes, and other financial documents.
            credit_card:activate:org: >-
              Activate newly issued credit cards for use within your
              organization.
            credit_card_application:read:org: View credit card applications submitted within your organization.
            credit_card_application:write:org: >-
              Submit and manage credit card applications within your
              organization.
            credit_card:read:org: >-
              View credit card details and status for cards in your
              organization.
            developer_portal: >-
              Access the Tesouro Developer Portal to view API documentation and
              manage developer resources.
            dispute:read: >-
              View payment disputes and any supporting documents attached to
              them.
            dispute:write: >-
              Accept or challenge payment disputes by uploading and submitting
              supporting evidence.
            email: ''
            expense:approve:org: >-
              Review and approve or reject expense reports submitted across your
              organization.
            expense:read:org: View expense reports and submissions across your organization.
            expense:read:self: View your own expense submissions and reports.
            expense:write:org: Create and update expense submissions across your organization.
            expense:write:self: Submit and update your own expense reports.
            export:read:org: >-
              View and download previously generated data exports for your
              organization.
            export:write:org: Generate and manage data exports for your organization.
            external_bank_account:micro_deposit:org: >-
              Initiate micro-deposit verification to confirm ownership of
              external bank accounts linked to your organization.
            external_bank_account:read:org: >-
              View external bank accounts that have been linked to your
              organization.
            external_bank_account:set_verification:org: >-
              Manually set the verification status of linked external bank
              accounts, bypassing the standard verification process.
            external_bank_account:write:org: >-
              Add, update, or remove external bank accounts linked to your
              organization.
            invoice:read:org: View invoices issued and received across your organization.
            invoice:write:org: Create, edit, and manage invoices across your organization.
            mailbox:read:org: >-
              View the email mailboxes configured to automatically capture
              incoming invoices as payables and collect expense receipts for
              your organization.
            mailbox:write:org: >-
              Configure email mailboxes that automatically capture incoming
              invoices as payables and collect expense receipts for your
              organization.
            notification:subscription:read: >-
              View active webhook and event notification subscriptions and their
              configurations.
            notification:subscription:write: >-
              Create, update, and delete webhook and event notification
              subscriptions.
            ocr_task:read:org: >-
              View the results and status of automated receipt and invoice
              scanning tasks.
            ocr_task:write:org: >-
              Submit and manage automated receipt and invoice scanning tasks for
              your organization.
            offline_access: ''
            oidc:app:manage: >-
              Add, edit, and remove access to OIDC applications and their
              scopes.
            oidc:app:read: Read only access to the OIDC applications and their scopes
            oidc:app:write: >-
              Add and edit - but not remove - access to OIDC applications and
              their scopes
            openid: ''
            organization:read:org: View your organization's profile and general details.
            organization_settings:read:org: View configuration settings for your organization.
            organization_settings:write:org: Update configuration settings for your organization.
            organization:write:org: Update your organization's profile and general details.
            org:write:all: >-
              Enable or disable organizations on the platform. This is a
              high-privilege permission typically reserved for platform
              administrators.
            partner_portal: >-
              Access the Tesouro Partner Portal to manage your partnership
              settings and sub-merchant configurations.
            payable:approve:org: >-
              Review and approve bills and accounts payable before they are
              paid.
            payable:pay:org: >-
              Authorize and submit payments for approved bills and accounts
              payable.
            payable:read:org: View bills and accounts payable across your organization.
            payable:write:org: >-
              Create and update bills and accounts payable across your
              organization.
            payment_link:write: >-
              Generate and manage shareable payment links to collect payments
              from customers.
            payment_processing: ''
            payment_rail:ach: Process payments via the ACH (Automated Clearing House) network.
            payment_rail:fednow: Process instant payments via the FedNow network.
            payment_rail:rtp: Process real-time payments via the RTP network.
            payment_record:read:org: >-
              View payment transaction history and records for your
              organization.
            payment_record:write:org: >-
              Record payments against invoices and manage their status,
              including marking payments as succeeded, cancelling, or moving
              them into processing.
            product:read:org: >-
              View the product and service catalog used for invoicing within
              your organization.
            product:write:org: >-
              Add and update products and services in your organization's
              invoicing catalog.
            profile: ''
            role:read:org: >-
              View user roles and their associated permissions within your
              organization.
            role:write:org: >-
              Create and update user roles and permission sets within your
              organization.
            transfer:write:org: Create and submit money transfers within your organization.
            underwriting:application:approval:escalation: >-
              Provide a senior-level escalation approval on underwriting
              applications that require additional review.
            underwriting:application:approval:secondary: >-
              Provide a second-level approval on underwriting applications as
              part of a multi-step review process.
            underwriting:application:read: >-
              View underwriting applications, including sensitive business
              details and personally identifiable information.
            underwriting:application:write: >-
              Edit, approve, and manage underwriting applications and decisions,
              and attach supporting documents.
            user_profile:write:all: >-
              Update profile information for any user across all organizations.
              This is a high-privilege permission typically reserved for
              platform administrators.
            user_profile:write:self: >-
              Update your own user profile, including your name, contact
              information, and preferences.
            user:read:org: View user accounts and their details within your organization.
            user:read:self: >-
              Read access to the user's own record and the name/email of their
              direct reports.
            user:write:all: >-
              Create and manage user accounts across multiple organizations.
              This is a high-privilege permission typically reserved for
              platform administrators.
            user:write:org: Create, update, and manage user accounts within your organization.
    USERToken:
      type: oauth2
      description: User OAuth2 access token (authorization code with PKCE).
      flows:
        authorizationCode:
          authorizationUrl: /connect/authorize
          tokenUrl: /connect/token
          scopes:
            acceptor:application:read: >-
              View merchant boarding applications, including business and
              ownership details. Contains sensitive personally identifiable
              information.
            acceptor:application:secondaryapproval: >-
              Provide a secondary approval on merchant boarding and underwriting
              applications as part of a multi-step review.
            acceptor:application:write: >-
              Edit, approve, and manage merchant boarding and underwriting
              applications, and attach supporting documents.
            accounting_config:read:org: >-
              View ledger accounts, tax rates, cost centers, tags, and projects
              configured for your organization.
            accounting_config:write:org: >-
              Create and update ledger accounts, tax rates, cost centers, tags,
              and projects for your organization.
            acquiring:report:read: >-
              View transaction and settlement reports for your acquiring
              activity.
            approval_policy:read:org: >-
              View approval workflows and spending policies configured for your
              organization.
            approval_policy:write:org: >-
              Create and update approval workflows and spending policies for
              your organization.
            approval_request:create:org: >-
              Submit items for approval within your organization's approval
              workflows.
            approval_request:delete:org: Delete approval requests within your organization.
            approval_request:read:org: >-
              View pending and completed approval requests across your
              organization.
            approval_request:update:org: >-
              Edit and update existing approval requests within your
              organization.
            authorization_control:read:org: Read access to authorization control at the organization level.
            bank_account_application:read:org: >-
              View submitted applications to open bank accounts within your
              organization.
            bank_account_application:write:org: >-
              Submit and manage applications to open new bank accounts within
              your organization.
            bank_account:read:org: View bank account details and balances within your organization.
            bank_account:write:org: Create, update, and close bank accounts within your organization.
            beneficial_owner:read:org: >-
              View beneficial ownership information, including individuals'
              ownership stakes and identifying details.
            comment:read:org: >-
              View comments and notes added to financial records across your
              organization.
            comment:write:org: >-
              Add and manage comments and notes on financial records across your
              organization.
            counterpart:read:org: >-
              View the suppliers and clients your organization transacts with.
              Counterparts are required before creating invoices, quotes, and
              other financial documents.
            counterpart:write:org: >-
              Add and update the suppliers and clients your organization
              transacts with. Counterparts are required before creating
              invoices, quotes, and other financial documents.
            credit_card:activate:org: >-
              Activate newly issued credit cards for use within your
              organization.
            credit_card_application:read:org: View credit card applications submitted within your organization.
            credit_card_application:write:org: >-
              Submit and manage credit card applications within your
              organization.
            credit_card:read:org: >-
              View credit card details and status for cards in your
              organization.
            developer_portal: >-
              Access the Tesouro Developer Portal to view API documentation and
              manage developer resources.
            dispute:read: >-
              View payment disputes and any supporting documents attached to
              them.
            dispute:write: >-
              Accept or challenge payment disputes by uploading and submitting
              supporting evidence.
            email: ''
            expense:approve:org: >-
              Review and approve or reject expense reports submitted across your
              organization.
            expense:read:org: View expense reports and submissions across your organization.
            expense:read:self: View your own expense submissions and reports.
            expense:write:org: Create and update expense submissions across your organization.
            expense:write:self: Submit and update your own expense reports.
            export:read:org: >-
              View and download previously generated data exports for your
              organization.
            export:write:org: Generate and manage data exports for your organization.
            external_bank_account:micro_deposit:org: >-
              Initiate micro-deposit verification to confirm ownership of
              external bank accounts linked to your organization.
            external_bank_account:read:org: >-
              View external bank accounts that have been linked to your
              organization.
            external_bank_account:set_verification:org: >-
              Manually set the verification status of linked external bank
              accounts, bypassing the standard verification process.
            external_bank_account:write:org: >-
              Add, update, or remove external bank accounts linked to your
              organization.
            invoice:read:org: View invoices issued and received across your organization.
            invoice:write:org: Create, edit, and manage invoices across your organization.
            mailbox:read:org: >-
              View the email mailboxes configured to automatically capture
              incoming invoices as payables and collect expense receipts for
              your organization.
            mailbox:write:org: >-
              Configure email mailboxes that automatically capture incoming
              invoices as payables and collect expense receipts for your
              organization.
            notification:subscription:read: >-
              View active webhook and event notification subscriptions and their
              configurations.
            notification:subscription:write: >-
              Create, update, and delete webhook and event notification
              subscriptions.
            ocr_task:read:org: >-
              View the results and status of automated receipt and invoice
              scanning tasks.
            ocr_task:write:org: >-
              Submit and manage automated receipt and invoice scanning tasks for
              your organization.
            offline_access: ''
            oidc:app:manage: >-
              Add, edit, and remove access to OIDC applications and their
              scopes.
            oidc:app:read: Read only access to the OIDC applications and their scopes
            oidc:app:write: >-
              Add and edit - but not remove - access to OIDC applications and
              their scopes
            openid: ''
            organization:read:org: View your organization's profile and general details.
            organization_settings:read:org: View configuration settings for your organization.
            organization_settings:write:org: Update configuration settings for your organization.
            organization:write:org: Update your organization's profile and general details.
            org:write:all: >-
              Enable or disable organizations on the platform. This is a
              high-privilege permission typically reserved for platform
              administrators.
            partner_portal: >-
              Access the Tesouro Partner Portal to manage your partnership
              settings and sub-merchant configurations.
            payable:approve:org: >-
              Review and approve bills and accounts payable before they are
              paid.
            payable:pay:org: >-
              Authorize and submit payments for approved bills and accounts
              payable.
            payable:read:org: View bills and accounts payable across your organization.
            payable:write:org: >-
              Create and update bills and accounts payable across your
              organization.
            payment_link:write: >-
              Generate and manage shareable payment links to collect payments
              from customers.
            payment_processing: ''
            payment_rail:ach: Process payments via the ACH (Automated Clearing House) network.
            payment_rail:fednow: Process instant payments via the FedNow network.
            payment_rail:rtp: Process real-time payments via the RTP network.
            payment_record:read:org: >-
              View payment transaction history and records for your
              organization.
            payment_record:write:org: >-
              Record payments against invoices and manage their status,
              including marking payments as succeeded, cancelling, or moving
              them into processing.
            product:read:org: >-
              View the product and service catalog used for invoicing within
              your organization.
            product:write:org: >-
              Add and update products and services in your organization's
              invoicing catalog.
            profile: ''
            role:read:org: >-
              View user roles and their associated permissions within your
              organization.
            role:write:org: >-
              Create and update user roles and permission sets within your
              organization.
            transfer:write:org: Create and submit money transfers within your organization.
            underwriting:application:approval:escalation: >-
              Provide a senior-level escalation approval on underwriting
              applications that require additional review.
            underwriting:application:approval:secondary: >-
              Provide a second-level approval on underwriting applications as
              part of a multi-step review process.
            underwriting:application:read: >-
              View underwriting applications, including sensitive business
              details and personally identifiable information.
            underwriting:application:write: >-
              Edit, approve, and manage underwriting applications and decisions,
              and attach supporting documents.
            user_profile:write:all: >-
              Update profile information for any user across all organizations.
              This is a high-privilege permission typically reserved for
              platform administrators.
            user_profile:write:self: >-
              Update your own user profile, including your name, contact
              information, and preferences.
            user:read:org: View user accounts and their details within your organization.
            user:read:self: >-
              Read access to the user's own record and the name/email of their
              direct reports.
            user:write:all: >-
              Create and manage user accounts across multiple organizations.
              This is a high-privilege permission typically reserved for
              platform administrators.
            user:write:org: Create, update, and manage user accounts within your organization.

````