**Source URL:** https://general.veevavault.dev/clinical/direct-data-api/references/direct-data-permissions.md

# Permissions

To use Direct Data API endpoints, your Vault integration user’s security profile and permission set must grant the following permissions. Learn more about [permission sets](https://platform.veevavault.help/en/gr/22824).

* *Application: API: Access API*

* *Application: API: Direct Data or Application: API: All API*

* *Application: All Object Records: All Object Record Read*

* *Application: Workflow: Query*

* *Admin: Logs: System Audit*

* *Admin: Logs: Login Audit*

* *Admin: Logs: Object Record Audit*

Additionally, if your Vault uses documents, your Vault integration user’s security profile and permission set must also grant the following permissions:

* *Application: All Documents: All Document Read*

* *Admin: Logs: Document Audit*



---

**Previous:** [Video Walkthroughs](/clinical/direct-data-api/references/video-walkthroughs)