# App Permissions

> Understand the Ditto consent screen and the granular memory scopes apps can request: read, create, update, delete, and archive for your main memory and an app's own sandbox.

---

When an app asks to access your Ditto account, you see a consent screen that lays out exactly what it wants. Nothing is granted until you approve, and you can approve only part of what is requested.

_You see this consent screen live whenever an app requests access (at `/apps/consent/...`)._

## The Consent Screen

The consent screen, titled **Authorize app access**, shows the app's name and (when provided) the email of whoever requested access. Each permission is listed with a plain-language label and a short description. You check the ones you want and click **Approve**, or **Decline** the whole request. The server re-checks your selection, so you only ever grant the subset you actually chose.

## Two Kinds of Memory

Ditto separates your memory into two spaces:

- **Main memory** — your personal, private knowledge graph. This is the memory you build through normal use of Ditto. Access to it is sensitive and always opt-in.
- **App memory** — an isolated, per-app sandbox. Every app gets its own app memory for you automatically; it is the app's own space and is never shared with other apps. An app accepting your invite does not get your main memory.

## Granular Memory Scopes

Memory permissions follow the pattern `memories:<action>:<target>`. There are five actions and two targets.

The five actions:

| Action      | What it allows                                            | Sensitivity |
| ----------- | --------------------------------------------------------- | ----------- |
| **read**    | Read existing memories                                    | Lower       |
| **create**  | Save new memories (cannot change or remove existing ones) | Lower       |
| **update**  | Modify your existing memories                             | Higher      |
| **delete**  | Remove your memories                                      | Higher      |
| **archive** | Archive your memories                                     | Higher      |

`read` and `create` are the lower-sensitivity actions: an app can read what is there and add to it, but cannot rewrite or remove anything. `update`, `delete`, and `archive` each change or take away existing data, so they are higher-sensitivity and granted individually.

### Main-memory scopes (sensitive)

- **Read your main memory**
- **Save new memories to your main memory**
- **Update your existing main memories**
- **Delete your main memories**
- **Archive your main memories**

Main-memory permissions are highlighted with a warning and are never pre-checked. Approving any of them grants access to your private main memory, so only opt in for apps you trust.

### App-memory scopes (the app's sandbox)

- **Read its own app memory**
- **Save new memories to its app memory**
- **Update its app memories**
- **Delete its app memories**
- **Archive its app memories**

These act only on the app's own isolated memory, not your main memory or any other app's.

## Other Scopes

Apps can also request:

- **Read the memory graphs you've subscribed to** — include the public and friend-shared graphs you subscribe to in the app's reads. See [Knowledge Graph Sharing](/docs/knowledge-graph-sharing).
- **Read your name**
- **Read your username (@handle)**

## Approving Less Than Requested

You are never forced to grant everything. Uncheck anything you would rather not share before approving. An app that wants main-memory access but only gets app-memory access still works inside its own sandbox; it simply will not see your personal memory.
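
The server-side re-check and partial approval described above, as an added sketch that is not Ditto's own code: the grant is the intersection of what the app requested and what you checked. The target tokens `main` and `app` and all function names are assumptions; the page gives only the pattern `memories:<action>:<target>`.

```python
# Added example: hypothetical server-side re-check of a consent form submission.
# ASSUMPTION: "main" and "app" are placeholder target tokens; the documentation
# gives the pattern memories:<action>:<target> but not the literal target names.
ACTIONS = {"read", "create", "update", "delete", "archive"}
TARGETS = {"main", "app"}  # placeholder tokens, see above


def parse_scope(scope):
    """Return (action, target), or raise ValueError for anything off-pattern."""
    parts = scope.split(":")
    if len(parts) != 3 or parts[0] != "memories":
        raise ValueError(f"not a memory scope: {scope!r}")
    _, action, target = parts
    if action not in ACTIONS or target not in TARGETS:
        raise ValueError(f"unknown action or target: {scope!r}")
    return action, target


def needs_warning(scope):
    """Main-memory scopes get the warning highlight and are never pre-checked."""
    _, target = parse_scope(scope)
    return target == "main"


def grant(requested, selected):
    """Re-check the user's selection against what the app actually requested.

    A checked scope the app never requested (for example a tampered form
    field) is dropped, so the grant is always a subset of both the request
    and the user's choice. Returns (granted, dropped).
    """
    requested = list(dict.fromkeys(requested))  # de-duplicate, keep order
    for scope in requested:
        parse_scope(scope)  # a malformed request is rejected outright
    chosen = set(selected)
    granted = [s for s in requested if s in chosen]
    dropped = sorted(chosen - set(requested))
    return granted, dropped


if __name__ == "__main__":
    # Constructed sample: the app asks for main-memory read plus sandbox access;
    # the user unchecks main memory, and the form also carries an extra scope.
    asked = ["memories:read:main", "memories:create:app", "memories:read:app"]
    ticked = ["memories:create:app", "memories:read:app", "memories:delete:main"]
    print(grant(asked, ticked))
```
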

## Related

- [Building Apps on Ditto](/docs/building-apps-on-ditto) — how developers request these scopes
- [Connected Apps](/docs/connected-apps) — connecting apps as a user
- [Cross-App Data Sharing](/docs/cross-app-data-sharing) — letting one app read another's data
- [Knowledge Graph Sharing](/docs/knowledge-graph-sharing) — sharing and subscribing to graphs