As a developer, you can think of permissions and modules along similar lines: you should strive to use only the minimum of permissions necessary in order to avoid distrust from merchants, and you should select only those modules that apply to your app in order to let your app reach as many merchants as possible. However, it is important to understand the different roles the two settings play.
Permissions are how a merchant can opt in to allowing your app to read or write to specific categories of their business’ data. If a merchant has downloaded your app, they have approved each of your 'permission' types. We keep track of what permissions your app has been given, and will only allow access where permissions are present. For example, without 'Read Orders' permission, you will be unable to access a merchant’s order information through the SDK or the REST API.
Modules are part of the upcoming app bundles, available to Clover Mini and Clover Mobile merchants. They are designed to limit your app to merchants with appropriate capabilities. Each module represents a category of resources and data which is available to merchants whose bundles include that module, and are not available to merchants whose bundles exclude it. You should use modules to indicate which features your app needs in order to minimally function. For example, if your app relies on merchant and item data, you will need to select the Merchant and Items modules. Because the Items module is not included in the Terminal Bundle, merchants on that bundle will not be able to install your app.
Note: unlike permissions, we currently do not limit API or SDK calls based on modules.