Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

REST API: Token for single workspace/organization or some boards

Николай
Mykola
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
September 11, 2021

Hi.

I'm just started with trello automation (REST API).
I have connected telegram chat with trello for adding new cards.
But I would like to add cards from individual user.
So we need tokens to everyone in chat and connect accounts cross-platform.

It's not a big deal, but I'm concerned about security issue because having token you are grants access to all boards and all workspaces/organizations.

We need to choose either single workspace/organization nor some boards.

Is it possible create user's REST API Token for single workspace/organization?

Thanks.

Answer
Watch
Like Be the first to like this
837 views

1 answer

0 votes
Sunny Ape
Sunny Ape
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 11, 2021

Hello @Николай 

 

In short, the answer is no. A REST API token equates to a user account, so whatever that user can do / see, then the exact same can be done / seen via their token.

You can only constrain a token to the same degree you can constrain the user who owns it.

View More Comments
Николай
Mykola
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
September 12, 2021

Hello @Sunny Ape 

Thanks for your reply.

Looks like we have just two options:
- create new accounts for our new project
- create account for user-bot and create cards from his name

Main reason to do so is reduce potential damage for users if their tokens will leak.

Like
Sunny Ape
Sunny Ape
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 12, 2021

hello @Николай 

I like the idea of a 'user-bot' as I have that concept in use in my current work environment.

I use that generic user-bot account as the owner of all my important Butler workflows too, that way the actions logged in the board and card histories belong to that account, rather than a 'real person', so that people who read those entries know the difference straight away.

This tying of Butler rules to a person's account instead of a generic system / root account is one of the idiosyncrasies of Trello that you just have to live with.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Trello
Trello
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security