I’m currently trying to understand whether there’s a way to determine which user granted the OAuth token I’m using in the request?
I’ve found the `API Token Details`, but that appears to only expose company-level information.
Could I achieve this by introspecting the JWT claims? (e.g. `sub`?)
Best answer by jason
View original
+7
Hi Scott,
In short - no. JWTs are authorized by a teammate, but the token itself is not linked to a teammate in any way - it’s a company-level resource.
It’s worth noting that only your global admins can authorize OAuth tokens to be created, so that should narrow down your search.
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.