API Tokens

Programmatic REST API access to your configuration data.
A CloudTruth API Token can be used with the CloudTruth CLI and for authorization directly with the REST API. When you create an API Token, we create a Service Account automatically - this is a non-interactive User, but for purposes of access control it behaves just like a regular User. All of the actions performed with the API Token are entered into the Audit Log using this Service Account.

Creating an API Token

In the left-hand menu locate Access Control, under which you will find API Tokens.
API Access Panel
Click Generate New Token​ and select the desired token permissions, provide a Token name and an optional description, then click ​Generate Token. The token name cannot be changed after the token is created. The description and permissions can be updated at any time after creation from the manage token menu.
Token permissions are assigned to a Service Account that is part of your organization. A Service Account is treated like a user account and follows the defined organization role permissions.
Generating an API Token
Copy your access token now and secure it in a safe place. The token is only available at initial creation and will need to be regenerated if it is lost. Once you navigate away from this page, the token string will not be displayed, and the option to copy will not appear.
Saving the API Token

Managing API Tokens

Once API tokens are created, they are treated as service accounts which behave like interactive users, so they are also are displayed in the User Directory. Permissions and access can be changed directly from each access token in the API Access page or from the User Directory menu page.
User Directory Screen

Regenerating an API Token

If needed, you can re-generate the access token string from Manage API Token under the token menu.
From the token menu select Manage API Token.
Managing an API Access Token
When regenerating a token all references to that token will need to be updated.
Click Regenerate Token and copy your Access Token**.**
Regenerating an API Token

Revoking an API Token

API Tokens can be deleted either through the API Token management page (shown below) or through the User Directory.
Deleting an API Token
Copyright© 2023 CloudTruth