API Access Token for Single Sheet
Comments
-
I create a special user and share the only the sheets need for the API.
Since I use gmail, I can have multiple email addresses going to the same inbox.
The API token can be generated by a non-licensed user.
Craig
-
Thanks Craig.
Unfortunately, my company does not allow me to share a sheet with an "external" user so I can't use this as a work around.
I could move the sheet to my external account and share it from there, but that would be against the security policy.
Other thoughts?
Thanks,
Brent
-
At my previous company, we were using SSO with Smartsheet.
I created a user (not a SysAdmin!)
api_01@mycompany.com
I had IT forward any emails to me.
I would log in as that user to set the token only once. After that I only needed to log in if something was wrong (it never was)
I would share sheets or workspaces as need to the 'user'.
I don't give access tokens to other people. If they need to access something, they should create their own token.
IT was happy because this is MORE secure than not having the user.
Craig
-
In order for the token to work doesn't the token creator need to be the owner of the sheet?
-
The token will work if you have visibility to that sheet. You do not need to be the owner.
You may have restrictions on what you can do to the sheet as a viewer (e.g. cannot add rows or similar). This can be circumvented by adding the others as editors.
This is very unsecure as the API token allows access to all of your sheets.
-
Sorry to bring up an old thread - but do you know if this is still the case re: API token can be generated by a non-licensed user? I'm seeing differently and wonder if it's just me or something changed.
Categories
- All Categories
- 14 Welcome to the Community
- Customer Resources
- 64.9K Get Help
- 441 Global Discussions
- 139 Industry Talk
- 471 Announcements
- 4.9K Ideas & Feature Requests
- 129 Brandfolder
- 148 Just for fun
- 68 Community Job Board
- 496 Show & Tell
- 33 Member Spotlight
- 2 SmartStories
- 300 Events
- 36 Webinars
- 7.3K Forum Archives