How to get OAuth user account details?

Hi there, I have checked the documentation and the existing discussions but could not find an answer to this.

I am researching how to integrate the Monday OAuth APIs for handling authentication to our system. We will use the access token to:

  1. Handle authentication of our system
  2. Sync user data with Monday Boards

Now the documentation states that I can request the scope account:read, with which I guess I should be able to get the user's email, name, etc.

However, the OAuth success response returns only the following details (according to the documentation):

{
access_token,
token_type,
scope,
}

My question is: how do I read the account details of this user? I could not find an example for this. I have also checked the GraphQL Postman collection, but it only has a query to get a list of users.

How do I do an account:read?

1 Like

Once you get the token, you can use it to request that data with the monday.com GraphQL API using the token after you get it.

If you’re a UI app you get the user’s ID from the context within the UI itself. If it’s an integration app, the authorization sends a JWT in the “token” query parameter that is signed with your signing secret. This can be decoded and contains various details like the userId, accountId, boardId, integrationId, backToUrl, etc.

You would use the following with the GraphQL API to get the user’s details. For this you need the me:read scope. If it’s a backend you’d use the OAuth, front-end you’d just use seamless authentication.

{
 me { # me = token user account; requires the me:read scope
   id
   name
   email
 }
}

As far as authenticating to your system, you do not use monday OAuth tokens for that. Your UI can generate a session token which you can verify using your app’s client secret on your backend. This is the preferred way for your UI to authenticate to your back end since it’s not a fixed token and expires hourly. Obviously, if you’re integrating with a third-party (or your own) service that has its own login and you need to store a token you’d take them through that process too.

Your backend would then use the OAuth token to make any API calls needed. The front end (monday app view) would use seamless authentication of the SDK, so no need to provide a token there for API calls.

2 Likes

Hi Cody,

Thank you for your detailed answer. I am going to use the Monday OAuth for registering the user to my database, not for managing authorization. Users are currently complaining as they have to register in both Monday and our system.

Also, I just realized there’s a playground available. I was checking the Postman collection for the me query. My bad.

Again, thank you for your detailed explanation 🙂

Using the session token I described is exactly what you should use so that users don’t have to register in your system. You can create records in your system without taking them through any process, and the session tokens are seamless - you do not need any user interaction to get them and they contain the userId and accountId you need to store things in your DB by user. This will make everything transparent for your end users. The app just works, no OAuth steps needed.
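
An added example (not part of the thread, and not monday.com's own code) of the backend check the answers describe: verifying a session token's signature with the app's secret before trusting its userId and accountId. It assumes an HS256-signed JWT with top-level userId, accountId and exp claims; the function names and sample values are constructed, so check the real claim layout against monday's documentation.

```javascript
const crypto = require('crypto');

const b64url = (s) => Buffer.from(s).toString('base64url');

// Verify an HS256 JWT (assumed format) and return its payload, or throw.
function verifySessionToken(token, secret, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [h, p, sig] = parts;

  // Pin the algorithm: never let the token header choose it ("none", RS256, ...).
  const header = JSON.parse(Buffer.from(h, 'base64url').toString('utf8'));
  if (header.alg !== 'HS256') throw new Error('unexpected alg');

  // Recompute the MAC over "header.payload" and compare in constant time.
  const expected = crypto.createHmac('sha256', secret).update(`${h}.${p}`).digest();
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    throw new Error('bad signature');
  }

  // Claims are read only after the signature has been verified.
  const payload = JSON.parse(Buffer.from(p, 'base64url').toString('utf8'));
  if (typeof payload.exp !== 'number' || payload.exp <= nowSec) throw new Error('expired');
  return payload;
}

// Constructed helper: signs a sample token so the example runs offline.
function signSample(payload, secret) {
  const h = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const p = b64url(JSON.stringify(payload));
  const sig = crypto.createHmac('sha256', secret).update(`${h}.${p}`).digest('base64url');
  return `${h}.${p}.${sig}`;
}

// Constructed sample values (claim names are an assumption, taken from the thread).
const SAMPLE_SECRET = 'constructed-client-secret';
const sampleToken = signSample({ userId: 1001, accountId: 42, exp: 2000000000 }, SAMPLE_SECRET);
const claims = verifySessionToken(sampleToken, SAMPLE_SECRET, 1900000000);
console.log('verified user', claims.userId, 'in account', claims.accountId);
```

Key the user record in your database on the verified userId and accountId, never on values read from an unverified token or from request parameters.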