Solved

What permissions does LaunchDarkly Cohort sync really need?

  • 16 May 2023
  • 3 replies
  • 93 views

The instructions for setting up syncing of Amplitude cohorts to LaunchDarkly suggest creating an access token with Writer permissions, which has write access to pretty much everything except account members and billing. That seems like much more than is needed to do what the sync needs, as AFAICT it just creates and updates Segments in LD.

 

Does anyone know what access is actually required, to what objects, in order for the sync to work? I’m considering creating a custom role that only has write permissions to Segments, for instance.

icon

Best answer by Ben Kloester 29 May 2023, 03:18

View original

3 replies

Userlevel 5
Badge +8

@Ben Kloester welcome to the community! I’m pulling in someone from our support team to help dive into more detail on this! You should receive a message from them soon.

I was able to find the answer in LaunchDarkly’s docs here.

The access token must have the actions createSegment and updateIncluded on segment resources (eg "proj/*:env/*:segment/*") to sync segments from Amplitude.

Userlevel 5
Badge +8

@Ben Kloester really appreciate it. Looks like @Thao Nguyen also alerted our eng team to update documentation on our side. 🙏

Reply