Re: Fetch records for password-protected shared table using Personal Access Token via API

GeorgeMike · ‎Jun 24, 2024

There's an Airtable that's been shared with my account (A) from account (B). I have a personal access token from account A.

- The Airtable's restricted to account A's domain
- The Airtable is password protected

Is it possible to use the API to fetch the records of the Airtable?

I've tried this approach:

const Airtable = require("airtable");

const PERSONAL_ACCESS_TOKEN = "...";

const baseId = "...";

const tableName = "...";

const base = new Airtable({ apiKey: PERSONAL_ACCESS_TOKEN }).base(baseId);

base(tableName)

.select({})

.eachPage(

function page(records, fetchNextPage) {

records.forEach(function (record) {

console.log("Retrieved", record);

});

fetchNextPage();

},

function done(err) {

if (err) {

console.error(err);

return;

}

console.log("Finished fetching records");

}

);
```

and this approach:
```

const fetchAirtableData = async (baseId, tableName, personalAccessToken) => {

const url = `https://api.airtable.com/v0/${baseId}/${tableName}`;

try {

const response = await fetch(url, {

headers: {

Authorization: `Bearer ${personalAccessToken}`,

"Content-Type": "application/json",

},

});

if (!response.ok) {

console.log(response);

throw new Error(`HTTP error! status: ${response.status}`);

}

const data = await response.json();

return data.records;

} catch (error) {

console.error("Error fetching data from Airtable:", error);

throw error;

}

};

```

...and neither worked.

simonweigold · ‎Jun 24, 2024

Fetching the records of an Airtable base via API is generally possible.

They way these personal access tokens work is that they each have their own scope that can be freely defined. What I mean by that is that you can select what types of operations a personal access token can do and which bases can be accessed. Can you double check whether the access token you are using has the correct scope for your purposes?

TheTimeSavingCo · ‎Jun 24, 2024

Hmm, could I confirm you're a collaborator in this base?

Adam, Consultant @ The Time Saving Co

GeorgeMike · ‎Jun 24, 2024

The personal access token has these scopes:

data.records:read
schema.bases:read

GeorgeMike · ‎Jun 24, 2024

I can confirm that I can access the data from the web Airtable UI when logged in with the account that generated the Personal Access Token.

I can't do it via the API myself.

simonweigold · ‎Jun 25, 2024

I tried recreating the issue with your first approach, and I successfully retrieved data from my own Airtable base using my personal access token.

Could you provide additional details, such as any error messages you encountered?

GeorgeMike · ‎Jun 25, 2024

"for password-protected shared table" - I do not own the airtable. It's shared with my account.

simonweigold · ‎Jun 25, 2024

as far as I know the password protection only applies to specific views. The fact that the airtable base has been shared with your account should not affect the scopes of the access token you are using.