Authentication

Learn about monday platform API token permissions, how to access tokens, and how to authenticate requests

To query your monday.com account with the API, you must authenticate with a valid API token. Each user has a unique V2 API token (of no explicit length) that grants access to the same content they can view in the UI.

Token permissions

Personal tokens inherit the user's permissions, so they can only perform the same actions that the user can do in the UI. This extends to any column, item, or account permissions.

For example: If you don't have permission to access a certain workspace via the UI, you won't have permission using your personal API token either.

App tokens have an additional set of permission scopes that specify which queries and mutations it can access, while personal tokens have all permission scopes.

Get your token

You can use one of two methods to access your API tokens based on your user level (account admins can use both!)

For admins only (via Admin tab)

If you are an admin user on your monday.com account, follow these steps to access your API token:

  1. Log into your monday.com account.
  2. Click on your avatar/profile picture in the top right corner.
  3. Select Administration > Connections > API.
  4. Copy your personal token. Please note that you can always regenerate a new token, but doing so will cause any previous tokens to expire.

For both admins and non-admins (via Developer tab)

If you are a member user or an admin on your monday.com account, follow these steps to access your API token:

  1. Log into your monday.com account.
  2. Click on your profile picture in the top right corner.
  3. Select Developers. This will open the Developer Center in another tab.
  4. Click My Access Tokens > Show.
  5. Copy your personal token. Please note that you can always regenerate a new token, but doing so will cause any previous tokens to expire.

Using API tokens

Once you have your token, you can make requests with the API by passing the token in the Authorization header.

Send the API v2 token in the "Authorization" header: "Authorization:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"

📘

Join our developer community!

We've created a community specifically for our devs where you can search through previous topics to find solutions, ask new questions, hear about new features and updates, and learn tips and tricks from other devs. Come join in on the fun! 😎


Did this page help you?