Today I’m happy to announce that we’ve launched a new API feature: restricted API tokens.
Up until now, API tokens can be used to do anything your account can do with the API. With restricted tokens, you can create API tokens that only allow access certain actions on certain objects.
Restricted tokens can help you secure your API access because disclosure of a restricted token does not allow access to the entire account, so it’s safer to share with other people or put into automated processes.
Here’s an example of how to create one.
You can restrict tokens to operate on a document, table, or view. And, you can restrict a token to allow read access only, write access only, and read/write access. And, like all API tokens, you can revoke them which eliminates all access using that token.
For more information about this feature, documentation is available on our API page. https://coda.io/developers/apis/v1beta1#section/Authentication. Please reach out with feedback, questions, and bugs.