9.7.9. Creating or deleting an API access token

9.7.9.1. Introduction

There are two ways of authenticating using the GBox API:

• Using a login/password pair

• Using an api token

The parameters for a token are as follows:

• Name (required): name enabling the owner or use of the token to be identified.

• Permissions (required): access level for the token from Operators, Administrators or Super Administrator.

• An expiration date: enables the token to be deactivated at the specified date and time.

  If this field is not filled in, the token does not expire.

This procedure describes:

• The adding of an API access token

• The creation of this access token

• The possible deletion of an existing token

Note

This graphical interface is described in The `API tokens` section of the `Accounts` submenu.

---

9.7.9.2. Prerequisites

• User: member of Administrators Group

---

9.7.9.3. Preliminary operations

• Connect to the GBox via a browser (see Connection to the web interface via a browser).

---

9.7.9.4. How to access the `Permissions history` screen

• In the navigation bar, successively click on:

• The `Admin` button

• The `Gcenter` sub-menu

• The```Accounts``` command

  The `Accounts` window is displayed.

• Click on the `Api tokens` heading.

  The `Api tokens` window is displayed.

---

9.7.9.5. How to create a new token

• Enter an explicit token name in the `Name` field (2) in the `Create a new token` zone (1).

• Select the desired account, hence the rights, using the field (3) `Permissions`.

• If necessary, select the expiration date by clicking in the `Expiration date` field (4): use the calendar displayed.

• Press button (5) `Create`.

  After adding:

  • A message that the token was created is displayed

  • The created token is displayed

  Token generated with success:
  ```n_Y9lzbKnhNhK7Sw4OfzLqOuFC_bxDC1rtHTHCT7aoNTSkw3S0Mfqxx06KXSXTjHXbglUx9_IV0XVz-I1g8p34-1i8NaY9Grasu_IrpA24JkWhz5UWul12ePiebn_SOaiFhJpjHLD8slMx2aW1hVhiqL92UbDwtJ6uej7wpZ-IM```
   Make sure you save it. You won't be able to access it again.
  

• Use the displayed token.

  The list in `Token list` area (8) is updated.

• If necessary, delete expired tokens using button (6).

---

9.7.9.6. Procedure for deleting a token

• Use the fields `Name` (10) , `Permission` (9), `Expiration` (7) to filter the list.

• Delete an existing token using the trash button.

  A confirmation window is displayed with the following message

  Confirm deletion
  Do you confirm the deletion of the API token nightwatch_token_oper?
  

• Press the `Confirm` button to confirm the deletion.

• If necessary, delete expired tokens using button (6) `Purge expired tokens` or via the /auth/tokens/purge-tokens/ API.

Note

The GBox API documentation is available via Swagger by clicking on the link in the menu Administrators > GBOX > API.

---