Tokens

jpvj
jpvj Posts: 4
edited May 2022 in Deployment & Integrations

Hi :-)

I'm using TV Host for many different customers and utilizing the API to update the alias, assigning to groups etc.

I have created different custom modules and they all have different API tokens. Each custom module assigns the host to a specific group (one group = one customer)

I have also used the same API tokens for scripting. Each customer having the same script using the API token from their custom module. It seems however, that any API token gives full access to manage all groups and hosts.

I also tried using a script token to limit access to only "Group and device management". This also works, but still gives access to all groups.

My goal is to have one token per customer, so their TeamViewer script can only update descriptions and assign devices to "their group".

Is this possible at all or is the security model not in place to make such a restriction?