Is there a way to create a bearer auto token that only has access to one site and only allows read-only access to the CMS data.
I need to be able to do this so that I can use the Key in a mobile app to access (read) the data but I don’t want a hacker to get the key and be able to change the data.
Is there a way to create a bearer auto token that only has access to one site
You are able to create tokens that are scoped to a single site in the “Integrations” panel of Site Settings.
only allows read-only access to the CMS data.
We do not currently have support for read-only tokens
Any chance that its on the road map to create tokens with different rights? Maybe even limit what tables they can see?
Or even just make some tables public read only via the api (aka no auth needed)
Any chance that its on the road map to create tokens with different rights? Maybe even limit what tables they can see?
It’s something on our minds for sure, but it’s not something we have fully planned out or have an ETA for when development would start on it.
Hello Nicholas,
As you can see, it’s currently not possible to do what you want to do exclusively in Webflow, but if you would like to explain what you need to accomplish in the end, I might be able to suggest a possible work-around.
Mike
I want to create a native Android and IOS app that feeds off of the same CMS data in WebFlow. At the moment I am going to have to write something that will read the data from WebFlow and dump it somewhere else that I can make read-only.
You might be able to accomplish that using Airtable. (Airtable.com)
You can create the content using an Airtable webform, then by using Zapier as the go-between, have it create a Webflow C.M.S. entry and also promote it to “Live” at the same time (so it’s published).
Then a Airtable read-only view of the data can be accessed by using the URL of the read-only database contents
Such as this secure example: https://airtable.com/shrsgtZQj6RsQwp6F/tbl2bnWYsF57a1Oqe
This is a read-only view filtered In Airtable to only be one customer’s view of their data. This particular example is a Kanban view of some fictitious data, but there are different views possible of the same data (like a spreadsheet-looking database view).
Here is a grid-style view of the same data: https://airtable.com/shrI20OVJ720cu0wz/tbl2bnWYsF57a1Oqe
You can embed the Airtable view (read-only database view) in Webflow by using an embed (like a pop-up) to give that particular customer access to their data.
You can also password protect each customer’s view separately if needed.
As long as you don’t need to modify the data at some point, this should work fine, but I only have a broad idea of what you’re trying to do 
Here is an example of embedding this into a Webflow pop-up (with the Airtable branding turned off)
Mike
