JetBrains Space Help

Authorize with Permanent Token

A permanent token lets you authenticate and authorize your application in Space without having to implement OAuth 2.0 authentication flows. Simply create a new token with a specific access scope, and use it for authentication from wherever you want. Use the permanent token as the Bearer parameter of the Authorization request header (see an example).

Note that permanent tokens are inherently less secure than temporary access tokens used in OAuth 2.0 authorization. If security is a concern, we recommend that you register your application in Space and use one of the standard OAuth 2.0 authorization flows.

You can use two types of permanent token for application authorization:

Application permanent tokens

An application permanent token lets an application to authenticate and authorize on behalf of itself. The scope of the token corresponds to the permissions granted to the application.

To create an application permanent token

  1. In Administration | Applications, open the required application.

  2. Open the Permanent Tokens tab and click New permanent token.

  3. Specify a token name and an expiration date.

  4. Click Create and copy the created token to a secure location. Note that you won't be able to access the token again.

  5. After you create a token, you can Update it (change the name or expiration date) or Revoke it.

Personal permanent tokens

A personal token lets an application to authenticate and authorize on behalf of a user account. Personal tokens only authorize actions that are allowed for the user who the token belongs to. You can further limit the scope of authorized actions when creating a token.

To learn how to obtain a personal token from your profile, see Personal Tokens.

Example of an HTTP request with a permanent token

This HTTP API call uses a permanent token as the Bearer attribute of the Authorization header.

Request:

GET https://mycompany.jetbrains.space/api/http/team-directory/locations?query=&type=Region&withArchived=true&$fields=id,archived,channelId,name,type,tz Authorization: Bearer eyJhbGciOiJSUzUxMiJ9.eyJzdWIiOiJhSGZ2eDEyZTU1dCIsImF1ZCI6ImNpcmNsZXQtd2ViLXVpIiwib3JnRG9tYWluIjoibXljb21wYW55Iiwic2NvcGUiOiIqKiIsIm5hbWUiOiJ0cmF2aXMud2lja2V0dCIsImlzcyI6Imh0dHBzOlwvXC9qZXRicmFpbnMuc3BhY2UiLCJwcmluY2lwYWxfdHlwZSI6IlVTRVIiLCJleHAiOjE1OTAxNTk2ODYsImlhdCI6MTU5MDE1OTA4Niwic2lkIjoiMXRjbU1CMkxGZzl1In0.VJaqfkGt2RCArKg9l6oZWpA5_29DrKXLYdEAQpKaP4TuA3kHmqn7xv90NabF6Inot8zfnK1pRUc07zSunxe1lCOK81N7_GeNgw6rHB_3S-XGoOAO-7OSVVH-duffpueUj-sWcBHfCI9iTofuTZgXUZ7IcJ_FP8vyNBhM_kgx-As Accept: application/json

Response:

200 accept-ranges: bytes content-encoding: gzip content-security-policy: frame-ancestors 'none' content-type: application/json date: Fri, 22 May 2020 14:47:06 GMT referrer-policy: no-referrer status: 200 vary: Origin x-frame-options: DENY [ { "id": "2w9S8K2x3Aqy", "name": "The Netherlands", "tz": null, "type": "Region", "channelId": null, "archived": false }, { "id": "1sjSCi2B6qdM", "name": "Russian Federation", "tz": null, "type": "Region", "channelId": null, "archived": false }, { "id": "4Vsy4f3sCNkX", "name": "USA", "tz": null, "type": "Region", "channelId": null, "archived": false }, { "id": "14fTZH1pMwJ5", "name": "Germany", "tz": null, "type": "Region", "channelId": null, "archived": false } ]
Last modified: 01 September 2021