Hawzu Docs

Hawzu Documentation

Go to App
workspaceusersapimanaging

Managing Access Tokens - Edit & Disable Guide

Viewing Token Details

To view token information:

  1. Tokens are displayed in the table with all relevant information visible.

  2. Each token row shows:

    • Label: The token’s name
    • Token: Partially masked token string (first 10 characters visible)
    • Scope: The role/permission level
    • Created: Creation timestamp
    • Expires: Expiration date (if set)
    • Status: Active or Disabled badge

  3. Use the copy button (eye icon) next to the token to copy the full token string.

Editing Access Tokens

To edit an access token:

  1. Click the “Edit” icon (pencil) next to the token you want to modify.

  2. A modal “Edit Access Token” will appear with current values pre-filled.

  3. Update the following fields:

    Label:

    • Modify the token’s label/name
    • Required field

    Scope:

    • Change the token’s role/permission level
    • Select from available roles
    • Required field

    Expiry Date:

    • Update or set an expiration date
    • Clear the date to remove expiration
    • Must be a future date if set

  4. Click “Update Access Token” to save changes.

  5. As a result, the token is updated with the new values.

Note: You cannot edit disabled tokens. Enable them first, then edit.

Disabling and Enabling Access Tokens

To disable an access token:

  1. Click the “Disable” icon (eye-off) next to an active token.

  2. A confirmation dialog will appear warning that:

    • Any processes using this token will immediately lose access
    • CI/CD pipelines and integrations will fail to authenticate
    • This action can be reversed by enabling the token

  3. Click “Disable Token” to confirm.

  4. As a result:

    • The token is disabled
    • It appears with reduced opacity in the list
    • A “Disabled” badge is shown
    • API requests using this token will fail

To enable a disabled access token:

  1. Click the “Enable” icon (eye) next to a disabled token.

  2. A confirmation dialog will appear confirming that:

    • Integrations and automation using this token will regain access
    • The token will be immediately active

  3. Click “Enable Token” to confirm.

  4. As a result:

    • The token is enabled
    • It becomes active immediately
    • API requests using this token will succeed again

When to Disable vs Delete:

  • Disable: Temporarily revoke access without losing the token (can be re-enabled)
  • Delete: Permanently remove the token (cannot be recovered)

Deleting Access Tokens

To delete an access token:

  1. Click the “Delete” icon (trash) next to the token you want to delete.

  2. A confirmation dialog will appear warning that:

    • This action cannot be undone
    • Any processes using this token will immediately stop working
    • CI/CD pipelines, automation scripts, and integrations will fail

  3. Click “Delete Token” to confirm.

  4. As a result:

    • The token is permanently deleted
    • It is removed from the list
    • All API requests using this token will fail

Note: You cannot delete disabled tokens. Delete them directly or enable them first.

Copying Access Tokens

To copy an access token:

  1. Find the token in the list.

  2. Click the “Copy” icon (copy button) next to the token string.

  3. As a result:

    • The full token string is copied to your clipboard
    • A “Copied” confirmation appears
    • You can paste it where needed

Security Note: Only copy tokens when necessary, and never share them publicly or commit them to version control.

Was this page helpful?