9.7.9. Creating or deleting an API access token
9.7.9.1. Introduction
There are two ways of authenticating using the GBox API:
Using a login/password pair
Using an api token
The parameters for a token are as follows:
Name (required): name enabling the owner or use of the token to be identified.
Permissions (required): access level for the token from Operators, Administrators or Super Administrator.
- An expiration date: enables the token to be deactivated at the specified date and time.If this field is not filled in, the token does not expire.
This procedure describes:
The adding of an API access token
The creation of this access token
The possible deletion of an existing token
Note
This graphical interface is described in The `API tokens` section of the `Accounts` submenu.
9.7.9.2. Prerequisites
User: member of Administrators Group
9.7.9.3. Preliminary operations
Connect to the GBox via a browser (see Connection to the web interface via a browser).
9.7.9.4. How to access the `Permissions history`
screen
In the navigation bar, successively click on:
The
`Admin`
buttonThe
`Gcenter`
sub-menu The```Accounts``` commandThe`Accounts`
window is displayed.
- Click on the
`Api tokens`
heading.The`Api tokens`
window is displayed.
9.7.9.5. How to create a new token
Enter an explicit token name in the
`Name`
field (2) in the`Create a new token`
zone (1).Select the desired account, hence the rights, using the field (3)
`Permissions`
.If necessary, select the expiration date by clicking in the
`Expiration date`
field (4): use the calendar displayed.- Press button (5)
`Create`
.After adding:A message that the token was created is displayed
The created token is displayed
Token generated with success: ```n_Y9lzbKnhNhK7Sw4OfzLqOuFC_bxDC1rtHTHCT7aoNTSkw3S0Mfqxx06KXSXTjHXbglUx9_IV0XVz-I1g8p34-1i8NaY9Grasu_IrpA24JkWhz5UWul12ePiebn_SOaiFhJpjHLD8slMx2aW1hVhiqL92UbDwtJ6uej7wpZ-IM``` Make sure you save it. You won't be able to access it again.
- Use the displayed token.The list in
`Token list`
area (8) is updated. If necessary, delete expired tokens using button (6).
9.7.9.6. Procedure for deleting a token
Use the fields
`Name`
(10) ,`Permission`
(9),`Expiration`
(7) to filter the list.- Delete an existing token using the trash button.A confirmation window is displayed with the following message
Confirm deletion Do you confirm the deletion of the API token nightwatch_token_oper?
Press the
`Confirm`
button to confirm the deletion.If necessary, delete expired tokens using button (6)
`Purge expired tokens`
or via the /auth/tokens/purge-tokens/ API.
Note
The GBox API documentation is available via Swagger by clicking on the link in the menu Administrators > GBOX > API.