Skip to main content
Answered

Is it possible to have separate permissions for Access Token and oAuth?


Forum|alt.badge.img+1
  • Active User
  • 19 replies

HolaπŸ‘‹

 

We have intercom integration which is used by our customers and use intercom for ourselves too. Currently we a developing a 'delete account' feature to become GDPR-compliant. So when user in our system requests delete of his theirs data we need to delete it from intercom as well.

 

I assumed that using Access Token for requests gives you all the permissions but seems like I was wrong. When I try to delete a company I get "token_unauthorized".

 

There is a list of permissions in Authentications but AFAIK if I enable delete permissions there they will be requested form our customers who installed our integration too.

 

Is there a way to generate different Permission scopes for API key (internal use) and oAuth (external use)?

 

Thanks in advance for any tips

 

Best answer by Misha

Solved it by creating new private app with all permissions enabled

View original
Did this topic help you find an answer to your question?

2 replies

Forum|alt.badge.img+1
  • Author
  • Active User
  • 19 replies
  • Answer
  • October 14, 2021

Solved it by creating new private app with all permissions enabled


Eric Fitz
Employee
Forum|alt.badge.img+5
  • Employee
  • 1630 replies
  • October 15, 2021

Nice workaround, @misha​!


Reply


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings