Changing token scope

I would like to change the scope for the tokens users are receiving when authorizing (https://developer.atlassian.com/cloud/trello/power-ups/rest-api-client/#client-authorize-opts-).
I have two questions:

  1. Is there a way to invalidate ALL tokens for all users in one go, so they are forced to authorize again?
  2. How can I check what scope (e.g. ‘write’) is the given token covering?
1 Like

You can not make a single API request to invalidate all tokens for a specific key. However, you can make a single DELETE call per a token to delete the token: https://developer.atlassian.com/cloud/trello/rest/api-group-tokens/#api-tokens-token-webhooks-idwebhook-delete

You can make a GET request to 1/tokens/{token} with each token and you’ll see a response like this that includes the scopes:

{
    "id": "22f1c54836089bdb264f837d",
    "identifier": "Example Token",
    "idMember": "5589c3ea49b40cedc28cf70e",
    "dateCreated": "2021-04-28T19:55:30.122Z",
    "dateExpires": "2021-04-28T20:55:30.122Z",
    "permissions": [
        {
            "idModel": "5589c3ea49b40cedc28cf70e",
            "modelType": "Member",
            "read": true,
            "write": true
        },
        {
            "idModel": "*",
            "modelType": "Board",
            "read": true,
            "write": true
        },
        {
            "idModel": "*",
            "modelType": "Organization",
            "read": true,
            "write": true
        }
    ]
}

Thanks for the quick reply.

Does having permissions on modelType “Member” correspond to the “account” scope?

1 Like

Yes - sorry for not specifying that.