- An access token is linked to its creator and can be generated by submitting a username/password combination or another valid token from the same user.
- If a token is created for userA, userB can be provided the token to impersonate userA.
- You cannot create access tokens for users without their authentication credentials.
- Changes to passwords do not affect tokens.
- After a token has been created, it cannot be modified or extended.
- You can create an unlimited number of tokens.
- Access tokens can be used for authentication with any supported version of the APIs.
API access tokens are enabled by default.
Generate New Token
API access tokens must be created.
Tokens can be generated from the web application.
- Login to the Designer Cloud application .
- From the left nav bar, select User menu > Preferences > Access Tokens.
- Click Generate New Token.
- Specify the number of days for how long the token should live. Enter
-1to create a non-expiring token.
- Add a user-friendly description if desired.
- Click Generate.
NOTE: Copy the value of the token to the clipboard and store it in a secure location for use with your scripts.
For more information, see Access Tokens Page.
After a token has been acquired, it must be included in each request to the server, for as long as it is valid.
NOTE: After a token has been created, it cannot be extended or modified.
NOTE: API access tokens are not used by users in the Designer Cloud application .
After you have acquired the token, you submit it with each API request to the platform.
Example - cURL:
<my_workspace_name>is the name of the workspace from which the token was issued.
(tokenValue)is the value returned for the token when it was created.
Example - REST client:
If you are submitting your API calls through a REST client, the Authorization header must be specified as follows:
New tokens can be acquired at any time.
NOTE: It is the responsibility of the user to acquire a new API token before the current one expires. If a token is permitted to expire, a request for a new token must include userId and password information.
- See Access Tokens Page.
- Via UI: In the Access Tokens page, select Delete Token... from the context menu for the token listing. See Access Tokens Page.
This page has no comments.