monday.com authenticates API calls with a personal API token — a long-lived token tied to a monday.com user. There is no separate org-level service account feature, so the standard practice is to create a dedicated integration user (e.g. sim-bot@yourcompany.com), give it access to the boards your workflows need, and generate the token from that seat.
This is the recommended way to use monday.com in production workflows: monday.com doesn't document a scheduled expiry for personal tokens, no one person's OAuth consent is involved, and the credential survives when an employee leaves.
Prerequisites
Admins and members can generate their own API token (guests and viewers cannot) — for production use, create a dedicated integration-user seat first. A token generated from a personal account stops working if that person is deactivated.
The token's user must be active, not view-only (Viewer), and have a confirmed email address. Tokens from view-only or unconfirmed users are rejected by the monday.com API with a 403 error even though the token itself is valid.
Setting Up the Token
1. Create a Dedicated Integration User (Recommended)
Have a monday.com admin invite a new member with a shared email like sim-bot@yourcompany.com and confirm the email address
Add the integration user to every board your workflows will read or write. The token mirrors the user's board access exactly — a board the user can't see is a board the token can't touch
2. Generate the Personal API Token
Log in as the integration user, click your profile picture (top-right), and choose Developers
In the Developer Center, open the API token tab and click Show to reveal the token
Copy the token exactly as shown — monday.com doesn't document a fixed token format
monday.com issues one API token per user. Regenerating it immediately invalidates the old token — every integration using it breaks at once, with no overlap window. Don't regenerate the token to "get a fresh copy"; reveal and copy the existing one instead.
There is no scope picker: personal API tokens carry all API permission scopes automatically. What limits the token is the user's own access — board membership, item visibility, and account permissions.
Adding the Service Account to Sim
Open your workspace Settings and go to the Integrations tab
Search for "monday.com Service Account" and click it, then click Add to Sim and choose Add API token
Paste the API token and optionally set a display name and description
Click Add API token. Sim verifies the token by querying monday.com's me endpoint — if it fails, you'll see a specific error explaining what went wrong.
The token is encrypted before being stored.
Using the Service Account in Workflows
Add a monday.com block to your workflow. In the credential dropdown, your monday.com service account appears alongside any OAuth credentials. Select it and configure the block as you normally would.
The block calls monday.com's single global API endpoint (api.monday.com/v2) using the token — there's no per-tenant domain to configure. The token acts as the user it was created by, with that user's board access.