#How to Create Access Tokens - API Setup Guide

You can create new access tokens if you have the appropriate permissions.

#To create an access token:

1. On the Access Tokens page, click the “Create Token” button in the header.

2. A modal “Create New Access Token” will appear. Fill in the following:

   Label:

   • Enter a descriptive name for the token (e.g., “CI Runner”, “Zapier Sync”, “Production API”)
   • This helps you identify what the token is used for
   • Required field

   Scope:

   • Select a role/scope from the dropdown
   • Available options depend on your workspace roles
   • Determines what API endpoints the token can access
   • Required field

   Expiry Date (Optional):

   • Click the date picker to select an expiration date
   • Tokens expire at midnight on the selected date
   • Leave empty for tokens that never expire
   • Must be a future date

3. Click “Create Token” to create the access token.

4. As a result:

   • The token is created and displayed in the list
   • Important: Copy the token immediately, as it won’t be shown again
   • The token can now be used for API authentication

#Token Creation Fields:

• Label: Required, descriptive name for identification
• Scope: Required, determines API permissions
• Expiry Date: Optional, enhances security by limiting token lifetime

#Best Practices for Token Creation:

1. Use Descriptive Labels: Name tokens based on their purpose (e.g., “CI/CD Pipeline”, “Integration Service”)
2. Set Expiry Dates: Use expiration dates for tokens used in temporary or high-risk scenarios
3. Principle of Least Privilege: Assign the minimum scope needed for the token’s purpose
4. Document Usage: Keep track of where each token is used
5. Rotate Regularly: Create new tokens periodically and revoke old ones