Authentication

Learn about monday platform API token permissions, how to access tokens, and how to authenticate requests

Before you can start querying the monday.com account with the API, you need to provide valid authentication through an access token. Each user has their own V2 API token (of no explicit length) that grants access to the same content the user can access via the UI.

For example: if you don't have permission to access a certain board or workspace via the UI, you won't have permission using your personal API token either.

API token permissions

Each personal token can only do actions that the user can do in the UI. For example, if a user cannot access a particular private board, the API token will not be able to access that data either. This extends to any column, item, or account permissions that apply to a user.

App tokens have an additional set of permission scopes that specify which queries and mutations it can access. Personal tokens have all permission scopes.

Accessing API tokens

You can use one of two methods to access your API tokens based on your user level (account admins can use both!)

Admin tab

If you are an admin user on your monday.com account, follow these steps to access your API token:

  1. Log into your monday.com account.
  2. Click on your avatar/profile picture in the top right corner.
  3. Select Administration > Connections > API.
  4. Copy your personal token. Please note that you can always regenerate a new token, but doing so will cause any previous tokens to expire.

Developer tab

If you are a member user or an admin on your monday.com account, follow these steps to access your API token:

  1. Log into your monday.com account.
  2. Click on your profile picture in the top right corner.
  3. Select Developers. This will open the Developer Center in another tab.
  4. Click My Access Tokens > Show.
  5. Copy your personal token. Please note that you can always regenerate a new token, but doing so will cause any previous tokens to expire.

Using API tokens

Once you have your token, you can make requests with the API by passing the token in the Authorization header.

Send the API v2 token in the "Authorization" header:

"Authorization:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"

📘

Join our developer community!

We've created a community specifically for our devs where you can search through previous topics to find solutions, ask new questions, hear about new features and updates, and learn tips and tricks from other devs. Come join in on the fun! 😎