apps-sdk for monday code
The monday-code SDK gives developers useful tools to build and host secure apps using monday-code that seamlessly integrate with the monday.com platform. It currently contains five methods:
This document will walk through each available method, its parameters, and relevant code samples. You can also access the SDK here.
Storage
The storage method stores your app's customer data. The data is stored securely and logically segregated, meaning it is stored in smaller categories on the same device to easily grant or block access. It is segregated according to the accountId and app, so data stored by one account is inaccessible by other accounts to provide an additional layer of security.
Parameters
| Parameter | Type | Description | Required |
|---|---|---|---|
| key | String | The key to store content for. | Yes |
| value | Any serializable object | The value to store. | Yes |
| shared | Boolean | False if stored data is not shared between integrations and views. It is only accessible from backend-oriented apps. This is the default.True if stored data is accessible from both frontend and backend-oriented apps. | No |
Initialize
| Parameter | Description |
|---|---|
| ACCESS_TOKEN | The access token of the customer/account the app works for. |
import { Storage } from '@mondaycom/apps-sdk';
const storage = new Storage('<ACCESS_TOKEN>');
Methods
We expose three methods to manage the storage: set, get, and delete.
set
setThe storage.set method stores value under key in the database.
| Parameter | Type | Description | Required |
|---|---|---|---|
| key | String | The key to store content for. | Yes |
| value | Any | The value to store. | Yes |
| previousVersion | String | The last version of the stored value for a specific key. | No |
| shared | Boolean | False if stored data is not shared between integrations and views. It is only accessible from backend-oriented apps. This is the default.True if stored data is accessible from both frontend and backend-oriented apps. | No |
| version | String | The new version of the stored value. | Yes |
const { version } = await storage.set(key, value, { previousVersion, shared });
get
getThe storage.get method returns a stored value from the database under key.
const storedValue = await storage.get(key, { shared });
delete
deleteThe storage.delete method deletes a stored value under key from the database.
await storage.delete(key, { shared });
Secure storage
The secureStorage method stores sensitive customer data for monday-code projects. The data is stored securely and logically segregated, meaning it is stored in smaller categories on the same device to easily grant or block access. It is segregated for your specific app, so data stored by one app is inaccessible by other apps to provide an additional layer of security.
This method will automatically utilize the real secure storage if your monday-code project is deployed. If you use the SDK locally, it will utilize the local secure storage, or a local mock database that mimics the API exposed by the real secure storage. The local secure storage will not be retained if you don't have permissions to write files on the disk.
Parameters
| Parameter | Type | Description | Required |
|---|---|---|---|
| key | String | The key to store content for. | Yes |
| value | Any | The serializable value to store. | Yes |
Initialize
import { SecureStorage } from '@mondaycom/apps-sdk';
const secureStorage = new SecureStorage();
Methods
We expose three methods to manage secure storage: set, get, and delete.
set
setThe secureStorage.set method stores value under key in the database.
| Parameter | Type | Description | Required |
|---|---|---|---|
| key | String | The key to store content for. | Yes |
| value | Any | The serializable value to store. If the value is not an object, it will be wrapped in an object with a key value. | Yes |
await secureStorage.set(key, value);
get
getThe secureStorage.get method returns a stored value from the database under key.
const storedValue = await secureStorage.get(key);
delete
deleteThe secureStorage.delete method deletes a stored value under key from the database.
await secureStorage.delete(key);
Environment variables manager
The EnvironmentVariablesManager enables you to read your app's environment variables in a deployed monday-code project. If you need to set the variables, you can use the CLI.
The variables are on an app level, so you can access them with all app versions. They are also securely stored and can be used to hold sensitive data like API keys and DB connection strings.
if using node.js sdk, encourage you to utilize env var manager to load variables without redeploying your server. if using other languages (link to quickstarts), you need to redploy the service so new variables will take effect.
Initialize
import { EnvironmentVariablesManager } from '@mondaycom/apps-sdk';
// Initialize the environment variables manager without injecting env into `process.env`
let envManager = new EnvironmentVariablesManager();
// Initialize the environment variables manager and inject env into `process.env`
envManager = new EnvironmentVariablesManager({ updateProcessEnv: true });
Methods
We expose two methods to manage the environment variables: get and getKeys.
get
getThe envManager.get method retrieves environment variables.
// Get cached environment variable
const cachedValue = envManager.get(key, { invalidate: false });
// Get the latest version of environment variable
const latestValue = envManager.get(key);
getKeys
getKeysThe envManager.getKeys method retrieves environment variables keys.
// Get all cached environment variables keys
const cachedKeys = envManager.getKeys({ invalidate: false });
// Get all environment variables keys
const latestKeys = envManager.getKeys();
Logger
The logger is a simple way to log your app's messages in a monday-code project. You can access the logged messages via the CLI. Logs written without the logger are not accessible using the CLI and may not get labeled correctly.
Initialize
import { Logger } from '@mondaycom/apps-sdk';
const tag = 'my-app';
// tag will be added to every logged message
const logger = new Logger(tag);
Methods
We expose four methods to manage environment variables: info, warn, error, and debug.
info
infoThe logger.info method logs an info message.
logger.info('info message');
warn
warnThe logger.warn method logs a warning message.
logger.warn('warn message');
debug
debugThe logger.debug method logs a debug message.
logger.debug('debug message');
error
errorThe logger.error method logs an error message.
// Stack trace will be logged as well if error is provided
logger.error('error message', { error: new Error('error') });
Queue
We support a queue built on a simple publish-subscribe (i.e., pub/sub) model. Please note that each minor and major app version has its own queue.
Initialize
import { Queue } from "@mondaycom/apps-sdk";
const queue = new Queue();
Methods
We expose two methods to manage the queue: publishMessage and validateMessageSecret.
publishMessage
publishMessageThe publishMessage method publishes a message to the queue. It takes the message parameter as a string.
After publishing, messages are sent as POST requests to a specific app endpoint: /mndy-queue.
const messageContent = JSON.stringify({ content: "This is a message" })
const messageId = await queue.publishMessage(messageContent)
validateMessageSecret
validateMessageSecretEach message contains a random secret string in the query params of the request that can be used to authenticate the request. The validateMessageSecret method confirms whether or not a message is valid and that the request to the /mndy-queue endpoint was triggered by monday code.
Please note that each minor and major app version has its own secret for the message.
const queryParams = req.query;
if (!queue.validateMessageSecret(queryParams.secret)) {
logger.info("Queue message received is not valid, since secret does not match. This message could come from an attacker.");
throw new Error('not allowed')};
}
Receiving a message
All messages will be sent to your app as HTTP POST requests at the /mndy-queue endpoint.
app.post(
"/mndy-queue",
async (req, res) => {
try {
const { body, query } = req;
readQueueMessage({ body, query });
return res.status(200).send({}); // return 200 to ACK the queue message
} catch (err) {
logger.error(err.error);
return res.status(500).send({ message: "internal server error" });
}
}
);
Responding to a message
When you receive a message, you should respond to the request with a success status (HTTP 200) within 10 minutes. If you don't respond in that time, or if you return an error, we will attempt to resend the queue item 9 more times. The message will disappear after the tenth and final attempt.
Updated 4 months ago