9.7.9. Creating or deleting an API access token

9.7.9.1. Introduction

There are two ways of authenticating using the GBox API:

  • Using a login/password pair

  • Using an api token

The parameters for a token are as follows:

  • Name (required): name enabling the owner or use of the token to be identified.

  • Permissions (required): access level for the token from Operators, Administrators or Super Administrator.

  • An expiration date: enables the token to be deactivated at the specified date and time.
    If this field is not filled in, the token does not expire.

This procedure describes:

  • The adding of an API access token

  • The creation of this access token

  • The possible deletion of an existing token

Note

This graphical interface is described in The `API tokens` section of the `Accounts` submenu.


9.7.9.2. Prerequisites

  • User: member of Administrators Group


9.7.9.3. Preliminary operations


9.7.9.4. How to access the `Permissions history` screen

  • In the navigation bar, successively click on:

  • The `Admin` button

  • The `Gcenter` sub-menu

  • The```Accounts``` command
    The `Accounts` window is displayed.
  • Click on the `Api tokens` heading.
    The `Api tokens` window is displayed.

9.7.9.5. How to create a new token

../../_images/BOX_API-01.PNG
  • Enter an explicit token name in the `Name` field (2) in the `Create a new token` zone (1).

  • Select the desired account, hence the rights, using the field (3) `Permissions`.

  • If necessary, select the expiration date by clicking in the `Expiration date` field (4): use the calendar displayed.

  • Press button (5) `Create`.
    After adding:
    • A message that the token was created is displayed

    • The created token is displayed

    Token generated with success:
    ```n_Y9lzbKnhNhK7Sw4OfzLqOuFC_bxDC1rtHTHCT7aoNTSkw3S0Mfqxx06KXSXTjHXbglUx9_IV0XVz-I1g8p34-1i8NaY9Grasu_IrpA24JkWhz5UWul12ePiebn_SOaiFhJpjHLD8slMx2aW1hVhiqL92UbDwtJ6uej7wpZ-IM```
     Make sure you save it. You won't be able to access it again.
    
  • Use the displayed token.
    The list in `Token list` area (8) is updated.
  • If necessary, delete expired tokens using button (6).


9.7.9.6. Procedure for deleting a token

  • Use the fields `Name` (10) , `Permission` (9), `Expiration` (7) to filter the list.

  • Delete an existing token using the trash button.
    A confirmation window is displayed with the following message
    Confirm deletion
    Do you confirm the deletion of the API token nightwatch_token_oper?
    
  • Press the `Confirm` button to confirm the deletion.

  • If necessary, delete expired tokens using button (6) `Purge expired tokens` or via the /auth/tokens/purge-tokens/ API.

Note

The GBox API documentation is available via Swagger by clicking on the link in the menu Administrators > GBOX > API.