Limit the OAuth Scope to Read-only

Question

Limit the OAuth Scope to Read-only

JackMorrissey opened this issue 6 years ago · 2 comments

The application only makes GET requests, but it'd be nice if that was restricted by the API itself.

At the time of writing, this currently isn't possible via the YNAB API. I'm sure it's not very high on their priority list, but then again, I haven't even put in the feature request... I should at least do that.

Answer 1 · 2019-06-21T04:42:19.000Z

Came here wondering why Beyond Rule 4 needed "write" permissions and found this. Strange that YNAB doesn't offer an option to limit the scope to read only. Thanks for putting this issue up for others to see and find and great job on the Beyond Rule 4 app!

Answer 2 · 2019-07-17T00:11:31.000Z

Web Release Notes: July 11, 2019

As a developer using the YNAB API, I’m sure you’ve come across a scenario where you only want/need “read-only” access for your app. Well, now all of you API application authors have the option of using the new read-only scope for the YNAB API inside of your app.
https://www.youneedabudget.com/release-notes/

huzzah! I'll get this in soon.