Skip to main content
Sales Support

Permissions on API

I would like to be able to do more with the API than just searches, such as creating and updating people. Currently this is possible with the test token, but not an OAuth token.

A global permission level for the API would be enough, along with a flag on users to specify if they can OAuth and use the API's extended permissions. That way I could grant fine-grained permissions to the API, then give just a few users access to the API through OAuth. I would really like to stop using the test token because that's terrible security long-term.

Official response from

Grigory,

You can limit access to staffers by toggling their permission set. If you navigate through the control panel to Settings > Permission sets > select the permission set you want to limit authentication for > and scroll to the bottom you will see the option under API. Toggle this to 'no' and then assign that permission set to staffers you want to limit app authentication for.

 

Share this post

Showing 1 reaction

How would you tag this suggestion?
Please check your e-mail for a link to activate your account.