I’ve noticed that the user who owns the access token is automatically added as a member to every project whenever that user’s token is used to push updates through the API. In my case, the access token belongs to a system user, and I’d like this user not to appear as a member of the project/tasks/comments, etc.
Is it possible to prevent the access-token owner from being added to each project? If not, what is the recommended setup for integrations that shouldn’t add a visible user to every project?
The idea behind this side effect is likely to fully reproduce token owner’s actions in web UI, so when they “touch” a project via the API, they are considered as collaborators there.
For true “system user” behavior you described, the best practice setup is to use a service account (available on the Enterprise tier), which is built for this kind of integration use case.
If that’s not an option for you right now, one workaround is to let the integration do its thing, then remove that user’s project membership once the updates are done.
Thanks for your reply! In my case, I’m already using a service account as the system user and using its access token to push projects, tasks, etc. Are there any additional steps I should take to prevent the service account from appearing on projects?
Hi @Cem_Gurbey I’ve just run a few tests, and it doesn’t appear that service accounts are being added to projects (at least not when creating or updating tasks).
To dig into what you’re seeing, could you please take a moment to submit a support request mentioning the project’s GID and to share the request no. with me in a DM? I’ll take a look and follow up. Thanks!
