Trello API Tokens

Trello service account credentials let your workflows authenticate to Trello with a pasted API token instead of a personal OAuth connection. The token belongs to a Trello member — ideally a dedicated bot account — so workflows keep running even when individual teammates leave or revoke their own connections.

Trello tokens are bound to the API key that authorized them. A token generated with your own Trello Power-Up key will not work in Sim — Trello rejects it with 401 invalid token. The token must be minted through Trello's authorize URL using the API key of the Sim deployment you're connecting to. Follow the steps below exactly.

Prerequisites

You need a Trello account that has access to the boards your workflows will read and write. For production workflows, create a dedicated bot Trello account (e.g. sim-bot@yourcompany.com), invite it to the relevant boards, and mint the token while logged in as that account — the credential then survives any individual employee leaving.

Generating the API Token

Trello doesn't have a token-creation settings page. Tokens are minted by visiting an authorize URL in the browser while logged in to the Trello account that should own the token:

https://trello.com/1/authorize?expiration=never&scope=read,write&response_type=token&name=Sim&key=<SIM_TRELLO_API_KEY>

The key parameter must be the Trello API key of the Sim deployment:

  • Sim's hosted cloud — contact Sim support for the ready-made authorize link with the key already filled in (a future update to the connect modal may surface it in-product). Don't substitute your own key.
  • Self-hosted Sim — substitute the value of your deployment's TRELLO_API_KEY environment variable. Trello API keys are public-by-design identifiers (not secrets); yours is shown at trello.com/power-ups/admin under your Power-Up's API key page.

Log in to Trello as the account that should own the token (the bot account, for production)

Open the authorize URL above in the browser. Trello shows a consent page describing the access being granted

Click Allow. Trello displays the token on-screen — copy it

Keep expiration=never and scope=read,write in the URL exactly as shown. A token minted with a shorter expiration (1hour, 1day, 30days) will validate today and silently die later. A read-only token (scope=read) also validates — but every Trello write tool in your workflows (create card, update card, add comment, and so on) will then fail at runtime.

Newer Trello tokens start with ATTA; older ones are 64-character hex strings. Both work — Sim doesn't enforce a format.

Adding the Service Account to Sim

Open your workspace Settings and go to the Integrations tab

Search for "Trello Service Account" and click it, then click Add to Sim and choose Add API token

Paste the API token, and optionally set a display name and description

Click Add API token. Sim verifies the token by calling Trello's /1/members/me endpoint — if it fails, you'll see a specific error explaining what went wrong.

The token is encrypted before being stored.

Using the Service Account in Workflows

Add a Trello block to your workflow. In the credential dropdown, your Trello service account appears alongside any OAuth credentials. Select it and configure the block as you normally would.

The block calls Trello's API (api.trello.com) with the token, paired server-side with the deployment's API key. The credential acts as the Trello member that minted the token, with access to exactly the boards that member can see.

Common Questions

Trello binds every token to the API key that authorized it. At runtime, Sim pairs your token with its own API key on every request — a token minted under any other key gets rejected with 401 'invalid token'. This is a Trello platform rule, not a Sim limitation.
Discard that token and mint a new one using the authorize URL with the Sim deployment's key — ask Sim support for the ready-made link on hosted cloud, or use your own TRELLO_API_KEY value if self-hosting. Tokens are free to create. (If your account is managed by a Trello Enterprise, admins can restrict token creation — ask your Enterprise admin if the authorize page won't issue a token.)
No — Trello API keys are public identifiers by design (they appear in client-side authorize URLs). The token is the secret. Treat the token like a password; the key can be shared freely.
No — Trello tokens are always bound to a Trello member (a user). The closest equivalent is a dedicated bot account: create a separate Trello user for automation, invite it to the boards your workflows need, and mint the token as that user.
The token always reflects the live permissions of the member who minted it. If the bot account is removed from a board, workflows touching that board start failing with 401/404 errors — re-invite the account to fix it, no new token needed.
Log in as the token's owner, open your Trello account settings (trello.com/u/my/account), scroll to the Applications section, and click Revoke next to 'Sim'. To rotate, mint a fresh token from the same authorize URL and update the credential in Sim before revoking the old one.

On this page