Create and manage API tokens
Tokens authenticate access to the app and management APIs.
Create a token
In settings under “API tokens”, create a new token with a name and optional expiry. For security, the token value is shown only once — copy it immediately; it can’t be retrieved later.
Permissions (abilities)
Each token gets specific permissions that define what it can do — for example reading or writing content, maintaining overrides, or triggering a publication. Grant only the rights a given use truly needs.
Manage and revoke tokens
The overview shows metadata such as name, creation and expiry dates, and last use. Revoke tokens you no longer need to block access immediately.
Frequently asked questions
- I lost the token value — can I show it again?
- No. The value is shown only once at creation. Revoke the token and create a new one.