Skip to main content

Spikerz – Platform Permissions Guide

A clear breakdown of every permission Spikerz requests, why we need it, and how it protects your account.

Written by Ron Storfer

Two access modes

  • Ongoing protection (default): the permissions listed below. Spikerz actively monitors and takes action on threats in real time, including removing harmful comments, blocking malicious DMs, and responding to account events.

  • Audit-only (read-only): a reduced scope for one-time assessments. Spikerz reads and reports across the same surfaces (including comments and DMs) but takes no action: no removals, no replies, no setting changes.


Ongoing Protection Permissions

The permissions below apply to Spikerz's default ongoing protection mode, where Spikerz actively monitors and takes action on threats in real time. For the reduced read-only scope used in one-time assessments, see Audit-Only Mode at the bottom.


Facebook

Facebook Page Permissions Used by Spikerz

  • Create & manage content Allows Spikerz to monitor posts for policy violations and suspicious activity.

  • Manage comments Filters spam, scams, and harmful interactions to protect your community.

  • Read the content posted Enables content scanning for violations or brand safety risks.

  • Manage accounts, settings & webhooks Ensures stable integration and real-time security alerts.

  • Show a list of your Pages Helps Spikerz identify which Pages require monitoring and protection.


Meta Business Suite

(Shared permission layer for Facebook Pages + Instagram Business/Creator accounts)

Permissions Used by Spikerz

  • Email Address Used to send alerts, notifications, and security messages.

  • Access to Business Suite Enables Spikerz to view and protect all connected Meta assets in one place.

Instagram Permissions via Meta Business Suite

(Instagram Business / Creator accounts only)

  • Access profile & posts Scans content for violations, engagement issues, and shadowban indicators.

  • Access Instagram insights Provides access to analytics for performance and engagement reporting.

  • Manage comments Filters spam, harmful comments, and scam attempts.

  • Manage & access messages Protects the inbox from phishing, impersonators, and suspicious accounts.


Instagram (via Instagram API)

(For Instagram accounts connected directly through the official IG API, not via Meta Business Suite)

Permissions Used by Spikerz

  • Email & username Used to identify the account and personalize alerts.

  • Manage & access messages Secures DMs from phishing and impersonator attacks.

  • Content details Allows Spikerz to analyze posts, captions, hashtags, and engagement.

  • Manage comments Enables automatic spam filtering and harmful comment removal.


YouTube

YouTube Permissions Used by Spikerz

  • View your YouTube account Provides visibility into channel activity and performance metrics.

  • See, edit, and delete videos, ratings, comments, and captions Gives Spikerz the ability to analyze your content and remove harmful or impersonating materials.

  • Manage comments Filters spam, scams, or abusive comments to protect your audience.

These permissions support:

  • Content scanning & policy compliance

  • Impersonator detection

  • Comment moderation

  • Safety insights for creators and brands


TikTok

TikTok Permissions Used by Spikerz

Profile Information

  • Avatar & display name Helps detect impersonation or misuse of brand identity.

  • Bio description & profile link Ensures your profile cannot be exploited for scams or fraudulent activity.

  • Verification status Confirms your account's authenticity.

Content Access

  • Access to public videos Enables Spikerz to analyze visibility, detect content risks, and identify performance issues.

These permissions support:

  • Impersonator detection

  • Content compliance checks

  • Performance visibility analysis


X (formerly Twitter)

X Permissions Used by Spikerz

Profile Information

  • Username, profile picture, header image & bio Used to detect impersonators and ensure brand consistency.

  • Account verification status Confirms authenticity.

Content & Interaction

  • Tweets & retweets Allows content analysis and safety monitoring.

  • Manage comments (replies) Enables automatic filtering of harmful, spam, or scam replies.

These permissions support:

  • Impersonator detection

  • Reply/comment protection

  • Brand safety monitoring


LinkedIn

LinkedIn Permissions Used by Spikerz

Profile & Account Information

  • Manage your profile Used to monitor for unauthorized changes and detect impersonator profiles mimicking your professional identity.

Content & Interaction

  • Manage comments Automatically filters out spam, phishing links, and toxic professional interactions.

  • Access to posts Scans your published professional content for brand safety risks and unauthorized use of your expertise.

Access & Security Management

  • Permissions & user roles Provides a centralized view of all team members and agencies with access to your Page, allowing for instant removal of stale or risky users.

  • Real-time login monitoring Tracks unusual login attempts to prevent account takeover (ATO) before it happens.

These permissions support:

  • Active hacking protection: keeping your assets safe and secure.

  • Impersonator detection: protecting your professional reputation.

  • Access governance: ensuring only the right people have access to your brand's professional presence.


Audit-Only Mode (View-Only Permissions)

For customers running a one-time audit or a read-only assessment, Spikerz reads and analyzes the account but takes no action. Comments and DMs are scanned for phishing, scams, and impersonation, but never removed, replied to, or moderated.

Facebook

  • Show a list of your Pages: identify which Pages are in scope

  • Read the content posted: scan posts for violations and brand-safety risks

  • Read comments: detect spam, scams, and harmful interactions (no removal)

  • Read DMs: detect phishing, impersonators, and suspicious accounts (no replies, no moderation)

  • Read permissions & user roles: surface stale or risky users (no removal)

  • Not used in audit mode: Create & manage content, Manage accounts/settings/webhooks

Meta Business Suite

  • Email address: send the audit report and alerts

  • Access to Business Suite (read): view connected Meta assets in one place

  • Read permissions & user roles: surface stale or risky users (no removal)

Instagram (via Business Suite)

  • Access profile & posts: scan content for violations and shadowban indicators

  • Access Instagram insights: performance and engagement read-out

  • Read comments: detect spam, scams, and harmful interactions (no removal)

  • Read DMs: detect phishing, impersonators, and suspicious accounts (no replies, no moderation)

  • Read permissions & user roles: surface stale or risky users (no removal)

Instagram (via Instagram API)

  • Email & username: identify the account

  • Content details: analyze posts, captions, hashtags, engagement

  • Read comments: detect spam and harmful content (no removal)

  • Read DMs: detect phishing and impersonator attempts (no replies, no moderation)

YouTube

  • View your YouTube account: visibility into channel activity and metrics

  • Read videos, ratings, comments, and captions: content analysis only

  • Read comments: detect spam, scams, and abuse (no removal)

  • Read permissions & user roles: surface stale or risky users (no removal)

  • Not used in audit mode: Edit or delete videos, E

TikTok

  • Avatar & display name: impersonation detection

  • Bio description & profile link: scam/fraud exposure check

  • Verification status: confirm authenticity

  • Access to public videos: content risk and performance analysis

X (formerly Twitter)

  • Username, profile picture, header, bio: impersonator detection

  • Account verification status: confirm authenticity

  • Read tweets & retweets: content and safety analysis

  • Read replies: detect harmful, spam, or scam replies (no removal)

LinkedIn

  • Read profile: detect impersonator profiles and unauthorized changes

  • Read posts: brand safety scan of published content

  • Read comments: detect spam, phishing links, and toxic interactions (no removal)

  • Read permissions & user roles: surface stale or risky users (no removal)

  • Real-time login monitoring: detect unusual login attempts (no enforcement)

  • Not used in audit mode: Manage profile

What audit mode does NOT do

  • No posting, editing, or deleting content

  • No removing or replying to comments

  • No moderating or replying to DMs

  • No account, settings, or permission changes

  • No webhooks or automated actions

Audit mode is strictly read-only. Spikerz observes, reports, and recommends; it never writes back to your accounts.


✔️ Summary

These permissions enable Spikerz to deliver:

  • Real-time impersonator detection

  • Content and caption violation scanning

  • Analytics + performance insights

  • Spam, scam, and phishing filtering

  • Comment & DM security

  • Protection against hacking and account misuse

All permissions are used strictly to enhance your safety and optimize your social media presence.

Did this answer your question?