API access levels

An example screenshot showing the four possible access levels a user can have to API collections.

Read-only access: Users with read-only access can view the API collection and the APIs in it, as well as the OpenAPI definition, audit and scan reports, and the protection status of the API. Users can also view the transaction logs in Trace Explorer. Users cannot audit, scan, or protect the APIs (including updating existing protection configurations).
Read/write access: In addition to above, users with read/write access can import new APIs to the API collection, and change the existing ones. Users can also audit, scan, and protect the APIs, and update existing protection configurations. Users cannot edit the shared API collection itself or share it forward, or delete the collection or APIs in it.
Read/write/delete access: In addition to above, users with read/write/delete access can delete APIs in the shared collection. Users cannot edit or delete the shared API collection itself, or share it forward.
Full access: These are API collections you have created and own. Full access means that in addition to everything above, you can also change the name or sharing of the API collection, or delete it from the platform.