How to onboard applications to MeshDB
Adding a new API Token
Make a new user specifically for the application, not just the author of the application. For example, if Andy is creating an application to measure member distance to link NYC kiosks, don't create a user called AndyB
, create a user called AndyB-LinkNYCKioskTool
. For the password, enter something secure, like a random password generated by your browser, but there is no need to save this password, we will use a token to authenticate this user.
Save the user, and then click on the username in the Users list to add the necessary permissions directly on the user object. Do not add the user to any groups. Do not grant the user Staff or Superuser permissions
Use the arrows or double click to select permissions from the list of all possible permissions the application could be granted. Most applications do not need change/delete/add permissions. In this example, we grant Andy's tool "view" access to the Install
, Building
, and Member
tables.
Save the user object, and then select "Add" next to Tokens. Then select the user you just created in the dropdown
Save the new token, then send it to the author of the application. For more information on using this token to query the API, see the API docs here: https://db.grandsvc.mesh.nycmesh.net/api-docs/swagger/#/