Skip to main content

Hi, I am setting up my first API and need some direction.

We have an external client that we have given access to a board. They want to access certain data on the board via API. Couple of questions:

  • How can I give them an API that only allows them to see one board?
  • How can I set this up so that it cannot make changes to that board.
  •  

I would think this would be easy to find but Im having trouble finding the solution.

 

thanks!

 

 

I have a call into support but I figured I would try here and get better answers! Thanks so much!

Hey ​@Larryr20,

 

The API token that you generate for the user has the same permissions as the user would directly in monday.com. 

Just note, guests can’t generate API tokens, they need to be a member.

 

The other way I can think of would require a bit of setup but should work for you.

If you create a monday App - https://developer.monday.com/apps/docs/intro - you can specifiy the scopes required for the app, in this case you would have boards:read only. You can then install this app and provide access only to a specific workspace (you may need to move around the boards into a locked workspace).

If you then set up OAuth for this app and generate a token, it will have read-only permissions in the workspace you have given access to during install.

 

This is likely the closest you will get.

Terms & ConditionsCookie settingsAccessibility statement