This section allows to create and manage API tokens.
You may filter API tokens by name, users to whom the tokens are assigned, expiry date, users that created tokens, or status (enabled/disabled). Click on the token status in the list to quickly enable/disable a token. You may also mass enable/disable tokens by selecting them in the list and then clicking on the Enable/Disable buttons below the list.
To create a new token, press Create API token button at the top right corner, then fill out the required fields in the token configuration screen:
Parameter | Description |
---|---|
Name | Token's visible name. |
User | User the token should be assigned to. To quickly select a user, start typing the username, first or last name, then select the required user from the auto-complete list. Alternatively, you can press the Select button and select a user from the full user list. A token can be assigned only to one user. |
Description | Optional token description. |
Set expiration date and time | Unmark this checkbox if a token should not have an expiry date. |
Expiry date | Click on the calendar icon to select token expiry date or enter the date manually in a format YYYY-MM-DD hh:mm:ss |
Enabled | Unmark this checkbox if you need to create a token in a disabled state. |
Press Add to create a token. On the next screen, copy and save in a safe place Auth token value before closing the page, then press Close. The token will appear in the list.
Auth token value cannot be viewed again later. It is only available immediately after creating a token. If you lose a saved token you will have to regenerate it and doing so will create a new authorization string.
Click on the token name to edit the name, description, expiry date settings, or token status. Note that it is not possible to change to which user the token is assigned. Press Update button to save changes. If a token has been lost or exposed, you may press Regenerate button to generate new token value. A confirmation dialog box will appear, asking you to confirm this operation since after proceeding the previously generated token will become invalid.
Users without access to the Administration menu section can see and modify details of tokens assigned to them in the User profile → API tokens section only if Manage API tokens is allowed in their user role permissions.