Auth Tokens
Personal auth tokens are one of the ways to authenticate and authorize API requests sent by external applications to CodeCanvas to retrieve and manipulate data.
You can create a personal token in your CodeCanvas account and then provide it to your external application.
Your personal token authenticates the external application on your behalf.
When creating a token, you can grant it a limited set of permissions, restricting access to data and actions. You can only assign permissions that you have yourself.
Your personal token is a permanent token, i.e., it never expires. Nonetheless, you can revoke and replace it at any time should you suspect unauthorized access or as a preventive measure.
warning
Personal tokens are less secure than OAuth autorization. Consider using OAuth 2.0 authorization for applications that require access to CodeCanvas on behalf of users.
Click your name in the top right corner and select Profile. Then in the sidebar menu, select Auth Tokens.
Click New personal token.
Give your new token a distinctive name.
Specify the access scope for the token:
Select Full access to grant all the permissions that you have.
Select Limited access to limit the scope to specific permissions.
Choose the context, then select permissions from the list.
Click Create.
Copy the token and store it in a secure location. Use the token in your external application to authenticate and authorize API requests to CodeCanvas resources.
note
You must copy the token at this point. When you close the dialog, you won't be able to access the token again. If you close the dialog accidentally, the only way to obtain a token is to create a new one.
After you've copied the token, the dialog closes and the token is displayed. You can update or revoke it at any time.
You can edit your existing personal token configuration:
Change its name.
Edit the access scope by adding or removing permissions.
Click your name in the top right corner and select Profile. Then in the sidebar menu, select Auth Tokens.
Locate the token you want to edit and click Update.
Edit the token as described in the instruction above.
Personal tokens don't have an expiration date, making it easy for a perpetrator to repeatedly gain access once they get hold of the token. If you suspect unauthorized activity, you can revoke the token associated with the compromised connection.
Click your name in the top right corner and select Profile. Then in the sidebar menu, select Auth Tokens.
Locate the token you want to revoke and click Update.
Edit the token as described in the Revoke.
The token will be disabled and removed from the list of your personal tokens.
Thanks for your feedback!