Scope a Token to a User
When your app serves multiple users, you’ll want each user’s token to only access their own connections. You do this by tagging connections withmetadata (e.g., { userId: "user-123" }) when you create them, then creating a token with the same metadata constraint. The token will only be able to see connections whose metadata matches.
- CLI
- TypeScript
- cURL
my-app where metadata.userId is user-123 — nothing else. Even if the client tries to access another user’s connection, the request is denied.
You can also match on multiple metadata fields at once. Fields within a single metadata object are AND’d, so the token below only matches connections where both userId and tier match:
- CLI
- TypeScript
- cURL
Multi-Level Access (Workspace / Org)
Real apps often have multiple access levels. For example, a user should see:- Their own connections
- Connections shared with their workspace
- Global connections configured by an admin
policy array. Each constraint is an independent grant — the token can access anything that matches any of them.
- CLI
- TypeScript
- cURL
For this to work, tag your connections with the right metadata when you create them:
- User connections:
metadata: { userId: 'user-123' } - Workspace connections:
metadata: { workspaceId: 'ws-acme' } - Global connections:
metadata: { scope: 'global' }
Narrow a Token
You can create a narrower token from an existing service token. The new token can only have equal or fewer permissions — it cannot exceed the parent token’s scope. This is useful when your backend holds a broad token and needs to hand out more restricted tokens per request. For example, using the multi-level token from the previous section as the starting point:- CLI
- TypeScript
- cURL
Operation Scoping
Control what operations a token can perform on each resource.Read-Only Dashboard Token
- CLI
- TypeScript
- cURL
Execute-Only Agent Token
- CLI
- TypeScript
- cURL
Multi-Resource Token
A single token can grant access to multiple resources by passing multiple constraints in thepolicy array:
- CLI
- TypeScript
- cURL
Constraint Reference
Thepolicy array contains constraints — each one is a self-contained grant describing what the token can access.
- Adding a field narrows (AND). Each field adds a condition. More fields = more restrictive.
- Adding to a list widens (OR). Each list element adds an alternative. More elements = more permissive.
policy array, each is an independent grant. The token can access anything matching any constraint.
- CLI
- TypeScript
- cURL
Metadata within a single object is AND’d:
{ owner: 'alice', env: 'prod' } means owner is alice and env is prod. Use a list for OR: [{ owner: 'alice' }, { env: 'prod' }] means owner is alice or env is prod.Security Best Practices
- Always set a TTL. Tokens expire after the TTL (max 24 hours). Shorter is better — mint fresh tokens per session.
- Scope to the minimum needed. A token for calling tools only needs
connections:execute, notconnections:write. - Use metadata for row-level filtering. Don’t rely on connection IDs alone — metadata constraints are enforced server-side.
- Narrow before passing to untrusted code. If you hand a token to a browser, agent, or sandbox, restrict it to the specific user and operations needed.
- Tokens cannot mint other tokens from nothing. Only API keys or existing tokens can create tokens, and child tokens can never exceed their parent’s scope.