Hi,
I created a token that is used in an HTTPCaller to download Workspaces from Flow via the Flow REST API. I granted the token only permission to access Repositories which worked fine but the problem is that as soon as a new repository is created, the initial permission is not extended for this new repos.
It seems that I either have to manually re-grant permissions everytime a new repository is created or grant “All Permissions”.
Is there any better option?
That does seem like a bit of an oversight huh.
I would probably instead just create a web connection using the Admin user web connection. Just make sure only admin has access to the connection and repo where the workspace is.
Could that be an option for you?
We’re facing a similar situation where we need to create feature branch repositories to run integration tests. Currently, we’re required to grant excessive permissions to the token, which poses a security concern.
Ideally, the token should inherit owner-level rights for any folders or resources it creates, minimizing the need for broad access.