Dear Trello Community,
I created a company web app that interfaces with Trello. The Web App acts as an entry point and captures data, which is then fed to the Trello API to create / update cards. I created an “interface user”, to be the intermediary. I generated a key and a token for this interface user and the app submits trello api requests on behalf of my actual users.
In the next release of this company app, we wish to roll out to a bunch of users. I would like to change the logic of the authentication to “authorize” the web app to use each person’s account instead of this one interface user.
Using this article (How to get a new API-Token?), I ran a test to flesh out the architecture…
My original account
Trello_interface, key = 8cf71593e2ebc58a2911081c788bd744, Token = TOKEN_A.
In Postman, when I run https://api.trello.com/1/members/me?key=8cf71593e2ebc58a2911081c788bd744&token=TOKEN_A, I get a valid return.
I have another account… trellodev and I logged into it.
I then placed this call into a browser, https://trello.com/1/authorize?expiration=never&name=CE%20Webtools&scope=read,write,account&response_type=token&key=8cf71593e2ebc58a2911081c788bd744. I used the same key as trello_interface. I received an authorization token, say TOKEN_B
In Postman, when I run https://api.trello.com/1/members/me?key=8cf71593e2ebc58a2911081c788bd744&token=TOKEN_B, I get a “invalid token”.
What am I doing wrong?