Adding scopes for token provided by app

We have an app called “Lead and Contact Info Finder” (App ID: 10163558). When we initially developed the app, we requested a specific set of scopes to allow API functionality. As a result, the tokens generated for users who installed the app include only those original scopes.

Now, we would like to add two additional scopes:

  • docs:read
  • docs:write

This change means that all users who have already installed the app will need their token scopes expanded to include these new permissions.

My question is: Can Monday developers expand the scopes of all tokens that were previously created for this app? If so, what steps should we follow to make this happen?

Looking forward to your guidance!

Sure, you can. You have to create a new version of your app and provide the additional scopes. Then you promote that version as the live version.

Thank you @basdebruin,

Will that automatically update the existing token permissions for all the users who already installed the app? Or will they need to re-install the app to get a new token with all permissions?

The permissions will not automatically update.

Your board/item/object views will display the following banner after the OAuth scopes have changed:

An admin user will have to click on “Review permissions” and accept before the new functionality works.

Ensure that your code captures GraphQL errors based on this and displays an appropriate (error) message.

One way to test this (before pushing to live) will be to remove the OAuth scope from your “completed” feature and see how your app behaves, then adjust accordingly, before reapplying the new scope.

You can inform your current users in your changelog in your product documentation, or an email, or in a popup in your product views.
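The error handling suggested above, as an added example that is not code from this thread or from monday.com: it classifies a GraphQL response body and returns the message to show when a call fails because the new scopes have not been accepted yet. The error codes, response shapes and function names are assumptions to confirm against the API's error reference.

```javascript
// Added example. Scope names come from the thread; the error codes and the
// response shapes are assumptions to confirm against the API's error reference.
const NEW_SCOPES = ["docs:read", "docs:write"];
const PERMISSION_CODES = new Set(["missingRequiredPermissions", "UserUnauthorizedException"]);

// Collect errors from both layouts a GraphQL-over-HTTP body may use:
// a spec-style `errors` array and a flat top-level error object.
function collectErrors(body) {
  const list = Array.isArray(body.errors) ? [...body.errors] : [];
  if (body.error_code || body.error_message) {
    list.push({ message: body.error_message, extensions: { code: body.error_code } });
  }
  return list;
}

function classifyResponse(body, scopes = NEW_SCOPES) {
  const b = body || {};
  const errors = collectErrors(b);
  // Only treat the call as successful when there are no errors and data exists.
  if (errors.length === 0 && b.data !== undefined) return { kind: "ok", data: b.data };
  const missing = new Set();
  let permission = false;
  for (const err of errors) {
    const code = err.extensions && err.extensions.code;
    const message = String(err.message || "");
    if (PERMISSION_CODES.has(code)) permission = true;
    for (const s of scopes) if (message.includes(s)) { permission = true; missing.add(s); }
  }
  if (permission) {
    // Fail closed: partial `data` from a call that lacked a scope is not returned.
    return {
      kind: "needs_permission_review",
      missingScopes: [...missing],
      userMessage: 'This feature needs updated permissions. Ask an account admin to click "Review permissions" and accept.',
    };
  }
  return { kind: "error", userMessage: "The request failed. Please try again." };
}

// Constructed sample bodies, not captured from a real account.
const SAMPLE_OK = { data: { docs: [{ id: "1" }] } };
const SAMPLE_DENIED = { errors: [{ message: "Permission denied: token lacks docs:read", extensions: { code: "missingRequiredPermissions" } }] };
const SAMPLE_FLAT = { error_code: "UserUnauthorizedException", error_message: "User unauthorized to perform action" };
const SAMPLE_OTHER = { errors: [{ message: "Field 'dcos' doesn't exist on type 'Query'" }] };
```

Running the same function against a build with the scope removed, as described above, shows which of the assumed codes the API actually returns.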

No need to re-install the app for your users, but they need to update. Depending on the changes, the update is fully automatic or triggered by an account admin through Avatar > Administration > Apps

Thank you @basdebruin and @dvdsmpsn!

Following @dvdsmpsn's comment, I saw this Monday article specifying that we should get a banner regarding the permissions update:

Our published app has a replica private app, used for testing by our team. When I add new scopes for the private app, the users who already have it installed do not get a banner saying new permissions are needed.

Is that normal? Will only published / public apps send a notification banner in case the scopes were updated?
Perhaps there may be some config which is causing us not to see the banner, or anything like that?

Appreciate your help!