Mobile Endpoint Permissions

CommCare's offline-first mobile application relies on user accounts having direct access to endpoint APIs on the HQ Server for functions like syncing and submitting completed forms. Programs that want additional granularity over which user roles can access these offline access endpoints for their security or compliance controls can utilize CommCare’s mobile worker settings. By default, access to endpoint APIs is restricted. In order to provide access, please select the following settings in accordance with the desired permission level:

Access APIs:

Under the Area Access section of Mobile Worker Settings, enable Access APIs:

Access All/Specific Reports:

Under the Reports section, enable either Access All Reports or select specific reports the mobile worker role should have access to.



Download and Email Reports:

If no reports are enabled, the Download and Email Reports permission will be disabled and hidden from view.  If any reports are enabled, the checkbox will appear, and it will be checked by default. This setting will not be enabled for users who can’t access reports. 

Mobile App Access:

Mobile App Access, located under the Other Settings section, will be disabled by default for all new roles besides “Mobile Worker Default”.