Personal Access Token is an authentication method that allows you to access the API7 Cloud API without providing your account name and password. It helps integrate API7 Cloud with your programs.
You may want to integrate API7 Cloud API with your existing application in several cases like:
- Integrate API7 Cloud with your CI/CD pipeline (to expose an API to API Gateway after it's released).
- Change the API configuration after some events triggered
- Create a new Consumer automatically for your users if they're allowed to access some of your services.
How to grant a new Personal Access Token
You can enter the Personal Access Token page on API7 Cloud by clicking on the "Personal Access Token" button in the account drop-down box.
On the Personal Access Token page, click on the Generate a new token button to create a new token, you'll be asked to input the token note (optional) and the expiry time (you should evaluate the expiry time carefully!).
It's better to write the token note to make it easier to remember the token use.
You'll see the token value on the Personal Access Token page, and that's the only time you can see it on API7 Cloud, so please save it carefully.
Token number limitation
You can generate up to 50 tokens right now.
Test the token
Now let's verify if the token works. We'll access the /user/me API.
curl https://console.api7.cloud/api/v1/user/me -H 'Authorization: Bearer <PASTE YOUR TOKEN HERE>' -i
You'll see your account profile in the JSON response if the token is valid.
content-type: application/json; charset=utf-8
date: Wed, 20 Apr 2022 03:54:34 GMT
How to delete a token
You should delete the token if it's useless or even leaked. Click on Delete button on the target row.
In the extreme case, you may want to delete all tokens. Such as all the tokens are not used anymore, or even your account is suffering from identity theft. Click on the Delete All button in the "Danger Zone" to go ahead.