![]() An individual scope is generally associated with a single method and REST API category. Individual scopes: To enable supported content and administrative actions, you can use their individual scopes. ![]() Note: To enable GET methods for administrative actions, like users and groups, you can use their individual scopes. More specifically, using this scope you enable GET methods for data sources, metrics, views, workbooks, projects, and sites. When you use this scope, you enable actions across REST API categories. Scopes generally fall into one of the following types: content read, individual, wildcard, and cross-category.Ĭontent read scope: The content read scope, tableau:content:read, enables supported GET methods for Tableau content. The type of scope you use depends on the content or administrative action that you want to enable. A scope is a colon-separated string that starts with the namespace tableau, followed by the Tableau resource that access is being granted to, such as datasources, and ends with the action that is allowed on the resource, such as update.įor example, a scope that allows your custom application to call the Update Data Source (Link opens in a new window) method looks like: Extend and automate complex Tableau integrations and backend queries-such as dynamic content retrieval and advanced filteringĬonnected apps use scopes that grant access to content or administrative actions through the REST API methods that support JWT authorization (below).Enhance efficiency-using a JWT as a bearer token enables a simplified impersonation with one request to the Sign In endpoint instead of two requests. ![]() Enhance security-using a JWT as a bearer token is inherently more secure than storing and managing admin user passwords through.The JWT must contain scopes that define the REST API methods that are available to your custom application and its users through the connected app.Īuthorize access to the REST API using connected apps to: Access to the REST API is enabled by a JSON Web Token (JWT) defined as part of the initial Sign In request. On the deep end, however, you could have a "master" token that has access to a workspace with all available scopes included.Starting with Tableau Server version 2022.3, using Tableau connected apps, you can programmatically call and access the Tableau REST API through your custom application on behalf of Tableau Server users. For example, on the narrow end, you can create a PAT that only has a single scope to a single base in Airtable. Personal Access Tokens or PATs allow users to create multiple access tokens that allow for a wide range of access to the information held in Airtable bases. While there are no immediate actions you need to take right now as we work to make this transition as smooth as possible, we recommend all users begin migrating away from legacy API Keys to our new API authentication methods. Since this is a major change to the Airtable API, the deprecation period will last for 12 months and end on Feb 1, 2024. Related to this, webhooks created by user API keys in enterprise bases will expire at the end of this period. On January 18th, 2023, we began the deprecation period of user API keys. ![]() Third-party integrations via OAuth overview - Help article that discusses the broader ways to manage which third-party integrations have access to your Airtable data.Service accounts overview - Help article that explains how Airtable admins can set up non-user accounts that can access Airtable's APIs.Scopes developer documentation - More technical information related to scopes in Airtable.Permission contingent - The scopes and access that you can set up with personal access tokens will reflect the permissions that you have in the various workspaces and bases connected to your Airtable account. Certain features are only available to Enterprise customers. Introduction Plan availabilityĪll plan types. Learn how to set up and manage Personal Access Tokens in Airtable. ![]()
0 Comments
Leave a Reply. |