Skip to main content

Adding scopes for token provided by app

  • March 11, 2025
  • 6 replies
  • 38 views
I

We have an app called “Lead and Contact Info Finder” (App ID: 10163558). When we initially developed the app, we requested a specific set of scopes to allow API functionality. As a result, the tokens generated for users who installed the app include only those original scopes.

Now, we would like to add two additional scopes:

  • docs:read
  • docs:write

This change means that all users who have already installed the app will need their token scopes expanded to include these new permissions.

My question is: Can Monday developers expand the scopes of all tokens that were previously created for this app? If so, what steps should we follow to make this happen?

Looking forward to your guidance!

6 replies

basdebruin
  • basdebruin
  • Community Expert
  • March 11, 2025

Sure, you can. You have to create a new version of your app and provide the additional scopes. Then you promote that version as the live version

I
  • Imanuel
  • Author
  • New Participant
  • March 12, 2025

Thank you @basdebruin ,

Will that automatically update the existing token permissions, for all the users which already installed the app? Or they will need to re-install the app, to get a new token with all permissions?

dvdsmpsn
Forum|alt.badge.img+1
  • dvdsmpsn
  • Participating Frequently
  • March 12, 2025

The permissions will not automatically update.

Your board/item/object views will display the following banner after the oauth scopes have changed:

image

An admin user will have to click on “Review permissions” and accept before the new functionality works.

Ensure that your code captures for graphql errors based on this and displays an appropriate (error) message.

One way to test this (before pushing to live) will be to remove the oauth scope from your “completed” feature and see how your app behaves, then adjust accordingly, before reapplying the new scope.

You can inform your current users in your changelog in your product documnetation, or an email, or in a popup in your product views.

basdebruin
  • basdebruin
  • Community Expert
  • March 12, 2025

No need to re-install the app for your users, but they need to update. Depending on the changes the update is fully automatic or triggered by an account admin though Avatar > Administration > Apps

I
  • Imanuel
  • Author
  • New Participant
  • March 13, 2025

Thank you @basdebruin and @dvdsmpsn !

Following @dvdsmpsn 's comment, I saw this Monday article specifying that we should get a banner regarding the permissions update:

Apps Framework

Our published app, has a replica private app - used for testing by our team. When I add new scopes for the private app, the users which have it installed already, does not get a banner saying new permissions are needed.

Is that normal? Will only a published / public apps will send a notification banner in case the scopes were updated?
Perhaps there may be some config which causing us not to see the banner, or anything like that?

Appreciate your help!

Y
  • YuvrajSingh
  • Participating Frequently
  • June 10, 2025

Hi @Imanuel, we also have the same question.

Can you please let us know that when you promoted your app’s new version to live with updated scopes, the token which you stored with previous scope got updated with the new scopes?

Terms & ConditionsCookie settingsAccessibility statement