Hub 2018.2 Help

Manage Permanent Tokens

In Hub, permanent tokens allow developers to access and perform operations securely via REST API calls in their scripts and applications without implementation of complex OAuth 2.0 authentication flows. A permanent token allows access to a service with the permissions that are granted to the user account.

This page covers operations with permanent tokens that are performed in the user profile. For a sample of REST API calls using the permanent token, refer to the Permanent Token Authorization page in the Resources for Developers section.

Create a Permanent Token

To access a service programmatically with the permissions that are granted to your user account, create your own permanent token.

In addition to the permissions that are listed here, you need permission to read the service that you want to access with the token. Permission to read the service is granted in two ways:

  • The Access setting for the service grants group members access to the application from the Services menu. If you are a member of a group that is granted access in this way, you can create a permanent token to access the service.

  • You are granted the global Read Service permission.

If you are signed in and you don't see the option to create a token, ask an administrator to grant the Read Service permission to your account or to add you to a group for whom the service is visible.

To obtain a new permanent token:

  1. Open your user profile.

  2. Select the Authentication tab.

  3. Click the New token button.

  4. In the New Permanent Token dialog, specify a name for the new token and the access scope for it. The scope for the token is a list of services which you can access with this new token.

    permanentTokenNewDialog

  5. Click the Create token button.
    • A dialog window with the new token is displayed.

    permanentTokenNewCreated
  6. Copy the token and keep it in a secure location.
  7. When you copied the new token, close the dialog window.
    • A new token is associated with your user account and is displayed in the list in the Authentication tab.

    permanentTokenList

Delete a Permanent Token

A permanent token does not have an expiration date. If you suspect that the transactions with a service using a permanent token have been compromised, you can explicitly delete this token in your profile.

To delete a permanent token:

  1. Open your user profile. Switch to your Hub profile.

  2. Open the Authentication tab.

  3. In the list of tokens, select the token that you want to revoke.

  4. Click the trash button.
    permanentTokenRevoke
    • A confirmation dialog is displayed.

  5. Click the Delete button.
    permanentTokenRevokeAcknowledge
    • Selected permanent token is deleted and removed from the list.

Last modified: 27 September 2018