It recently became possible to add import and export permissions to the scope of a personal access token or an application that is defined in the ‘Applications’ section of the Settings console.
What has changed is that it is no longer enough to simply add the action ‘Export’ to a scope. To make it possible for a personal access token or an application to actually perform an export of a specific type of 4me record, this record type must now also be included in the scope with the Read box checked. So an export of person and organization records, for example, is only possible if exports are allowed and read access has been provided for these record types:
Similarly, to make it possible to perform imports of certain record types, the action ‘Import’ needs to be included in the scope and the Create and Update boxes must be checked for those record types.