aleksg
1
I would like to change the scope for the tokens users are receiving when authorizing (REST API Client).
I have two questions:
- Is there a way to invalidate ALL tokens for all users in one go, so they are forced to authorize again?
- How can I check what scope (e.g. ‘write’) is the given token covering?
1 Like
You can not make a single API request to invalidate all tokens for a specific key. However, you can make a single DELETE call per a token to delete the token: https://developer.atlassian.com/cloud/trello/rest/api-group-tokens/#api-tokens-token-webhooks-idwebhook-delete
You can make a GET request to 1/tokens/{token}
with each token and you’ll see a response like this that includes the scopes:
{
"id": "22f1c54836089bdb264f837d",
"identifier": "Example Token",
"idMember": "5589c3ea49b40cedc28cf70e",
"dateCreated": "2021-04-28T19:55:30.122Z",
"dateExpires": "2021-04-28T20:55:30.122Z",
"permissions": [
{
"idModel": "5589c3ea49b40cedc28cf70e",
"modelType": "Member",
"read": true,
"write": true
},
{
"idModel": "*",
"modelType": "Board",
"read": true,
"write": true
},
{
"idModel": "*",
"modelType": "Organization",
"read": true,
"write": true
}
]
}
aleksg
3
Thanks for the quick reply.
Does having permissions on modelType “Member” correspond to the “account” scope?
1 Like
Yes - sorry for not specifying that.