Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

updated chapter with links to scoped token. Made corresponding change… #81

Merged
merged 3 commits into from
Dec 13, 2022
Merged

updated chapter with links to scoped token. Made corresponding change… #81

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
33766eb
updated chapter with links to scoped token. Made corresponding change…
collinschwantes Dec 12, 2022
35b35c7
added warning about storing unecrypted tokens on github
collinschwantes Dec 12, 2022
9fb12f2
added information about share links and interfaces
collinschwantes Dec 12, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
26 changes: 23 additions & 3 deletions airtable.Rmd
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -88,7 +88,15 @@ Airtable provides database (referred to as "base") and workspace administrators
- **Reader**: Sees full base

Direct access to a base or workspace is granted or removed by base owners and creators to Airtable users. Base owners and creators can control who has access to a base and can control any “share” links created for that base. They may also restrict editing of tables or fields within a base. Any collaborator given direct access to a base at any permission level will be able to duplicate that base and share that data further. It is important that direct access to the base is limited to individuals with a need to curate or analyze the data.
To further restrict access to a base, users can be given indirect access via revocable share links. These can be customized to prevent users from seeing the full base, prevent duplicating the base, and prevent copying data from the base. The ability to use the link can be password protected, restricted to people with certain email domains, and may be revoked at any time. If there are concerns about data leaks via base or table duplication, inviting people with a need to view the data via share links constrains their ability to extract data from the base.

### Share Links and Interfaces

To further restrict access to a base, users can be given indirect access via revocable share links or interfaces.

[Share links](https://support.airtable.com/docs/creating-a-base-share-link-or-a-view-share-link) can be customized to prevent users from seeing the full base, prevent duplicating the base, and prevent copying data from the base. The ability to use the link can be password protected, restricted to people with certain email domains, and may be revoked at any time. If there are concerns about data leaks via base or table duplication, inviting people with a need to view the data via share links constrains their ability to extract data from the base.

[Interfaces](https://support.airtable.com/docs/interface-designer-overview) are dynamic dashboards built on a limited set of data in an airtable base. Users can explore or even edit data based on the permissions provided by the interface creator. Access can be further tuned by setting up a "current-user filter". See [this guide](https://support.airtable.com/docs/interface-designer-permissions) for more information.



## Data in Airtable
Expand Down Expand Up @@ -151,7 +159,7 @@ Feel free to reach out to the data librarian for questions about base design.
Airtable has five main routes for automating processes.

1) [Automations](https://support.airtable.com/hc/en-us/articles/360050974153-Automations-overview) - a drag and drop visual programming tool
2) [Applications](https://support.airtable.com/hc/en-us/articles/115013403608-Airtable-apps-overview) - pre-built applications that perform some task
2) [Extensions](https://support.airtable.com/docs/airtable-extensions-overview) - pre-built applications that perform some task
3) [Scripting](https://support.airtable.com/hc/en-us/articles/360043041074-Scripting-app-overview) - use JavaScript to automate tasks within Airtable
4) [Blocks](https://www.airtable.com/developers/apps/guides/getting-started) - use JavaScript to create custom applications
5) [REST API](https://airtable.com/api) - use whatever programming language you like to automate processes
Expand Down Expand Up @@ -203,6 +211,18 @@ Blocks are custom applications built in JavaScript and node.js that add to base

All Airtable bases are automatically accessible to authorized users via a REST API. The list of API accessible bases you have access to can be found here: https://airtable.com/api. By clicking on a base you will be able to see the full API documentation for that base.


### Scoped Tokens

Airtable is moving to a [scoped tokens](https://airtable.com/developers/web/guides/personal-access-tokens) based approach to api access. Scoped personal access tokens allow you to create a token for a specific base with specific permissions - e.g. token has read-only access to a bat sampling base. Using scoped tokens in this way means that if the token is compromised (leaked, stolen, accidentally committed unencrypted to a github repo, etc), you can delete that token to remove any access it might have had and the limited scope means that you know exactly what a person would have been able to access.

To create a personal access token go here: https://airtable.com/create/tokens

** Remember to save the token in a secure place. Do not store unencrypted tokens on the web (e.g. pushing them to github).

Airtable has also deployed [oauth tokens](https://airtable.com/developers/web/api/oauth-reference) for all users.


### Airtable and R

The Airtable REST API can be used via R with the [airtabler package](https://github.com/ecohealthalliance/airtabler). EHA has started a fork of the package that has additional functionality so it is recommended to use that version. The original package design works well for exploring the data. Our extension adds additional functionality to help use `airtabler` in automation via continuous integration such as GitHub Actions.
Expand All @@ -213,7 +233,7 @@ devtools::install_github("ecohealthalliance/airtabler")

The Airtable API serves up data as JSON, which has a hierarchical structure similar to a list in R. To handle JSON, `airtabler` uses the `jsonlite` package. Its helpful to understand how `jsonlite` handles different JSON structures when working with more complicated Airtable data. See the `jsonlite` [quick-start guide](https://cran.r-project.org/web/packages/jsonlite/vignettes/json-aaquickstart.html) for a basic overview. The [`purr` package](https://purrr.tidyverse.org/) is extremely helpful when dealing with data objects derived from JSON because it facilitates navigating nested data structures.

The `airtabler` package provides instructions for setting up access to the Airtable API. You will need to following those instructions for the following examples to work.
The `airtabler` package provides instructions for setting up access to the Airtable API. You will need to follow those instructions for the following examples to work.

**One to One join**

Expand Down