Authorize with Personal Token

Personal token is a permanent token that is created in the user profile and then used by an external application to access Space API on behalf of the user who owns the token.

Access management – create your own personal tokens in your user profile. Personal tokens only authorize actions that are allowed for the user who the token belongs to. You can further limit the scope of authorized actions when creating a token.
Implementation – easily authorize access without implementing a complex OAuth 2.0 authorization flow. Obtain a personal token from the user profile and provide it as the Bearer attribute of the Authorization header in API requests.
Security – manage tokens from your profile. If you suspect that your connection has been compromised, you can revoke the token at any time and generate a new one. However, please note that permanent tokens are inherently less secure than temporary access tokens used in OAuth 2.0 authorization. If security is a concern, we recommend you register your application in Space and use one of the standard OAuth 2.0 authorization flows.

To learn how to obtain a personal token from your profile, see Personal Tokens

Example of an HTTP request with a personal token

This HTTP API call uses a permanent token as the Bearer attribute of the Authorization header.

Request:

            GET https://mycompany.jetbrains.space/api/http/team-directory/locations?query=&type=Region&withArchived=true&$fields=id,archived,channelId,name,type,tz
            Authorization: Bearer eyJhbGciOiJSUzUxMiJ9.eyJzdWIiOiJhSGZ2eDEyZTU1dCIsImF1ZCI6ImNpcmNsZXQtd2ViLXVpIiwib3JnRG9tYWluIjoibXljb21wYW55Iiwic2NvcGUiOiIqKiIsIm5hbWUiOiJ0cmF2aXMud2lja2V0dCIsImlzcyI6Imh0dHBzOlwvXC9qZXRicmFpbnMuc3BhY2UiLCJwcmluY2lwYWxfdHlwZSI6IlVTRVIiLCJleHAiOjE1OTAxNTk2ODYsImlhdCI6MTU5MDE1OTA4Niwic2lkIjoiMXRjbU1CMkxGZzl1In0.VJaqfkGt2RCArKg9l6oZWpA5_29DrKXLYdEAQpKaP4TuA3kHmqn7xv90NabF6Inot8zfnK1pRUc07zSunxe1lCOK81N7_GeNgw6rHB_3S-XGoOAO-7OSVVH-duffpueUj-sWcBHfCI9iTofuTZgXUZ7IcJ_FP8vyNBhM_kgx-As
            Accept: application/json

        

Response:

200
accept-ranges: bytes
content-encoding: gzip
content-security-policy: frame-ancestors 'none'
content-type: application/json
date: Fri, 22 May 2020 14:47:06 GMT
referrer-policy: no-referrer
status: 200
vary: Origin
x-frame-options: DENY

[
  {
    "id": "2w9S8K2x3Aqy",
    "name": "The Netherlands",
    "tz": null,
    "type": "Region",
    "channelId": null,
    "archived": false
  },
  {
    "id": "1sjSCi2B6qdM",
    "name": "Russian Federation",
    "tz": null,
    "type": "Region",
    "channelId": null,
    "archived": false
  },
  {
    "id": "4Vsy4f3sCNkX",
    "name": "USA",
    "tz": null,
    "type": "Region",
    "channelId": null,
    "archived": false
  },
  {
    "id": "14fTZH1pMwJ5",
    "name": "Germany",
    "tz": null,
    "type": "Region",
    "channelId": null,
    "archived": false
  }
]

Last modified: 19 May 2021