Fine-tuning access control to APIs with authentication tokens

Note: This feature is new in version 5.4.6.

By default, APIs demand user log in credentials, but you can fine-tune this if you wish, by setting up custom authentication tokens. The authentication tokens window, described in this topic, allows you to construct a token that can be used to access the API. You can specify which user account is used by the token (you may wish to set up an agent account specifically to handle access to the API), and, if you wish, an expiration date for the token.

To set up a custom authentication token:

  1. In the extra tab of the ribbon, click modules. The module window opens.
  2. In the module window, set the property allow permanent tokens for the API module for which you wish to set up the token:

    To do so, double-click the module, then ensure the property allow permanent use of authentication tokens is set to yes.
  3. Click exit to close the modules window.
  4. In the extra tab of the ribbon, click authentication tokens. The authentication tokens window appears.
  5. Click add.... The authentication token properties window appears.
  6. In description, enter a description of the token.
  7. Next to agent,  click ... and select an agent. Logging in with this token will be equivalent to logging in with the selected user account.
  8. Next to module,  click ... and select the API module to which you want this token to grant access.
  9. If you want the token to stop working after a certain date and time, select expires, then select the desired date and time.
  10. The token is now displayed in the first column of the authentication tokens window. You can use this token to access the API with the credentials you have defined here.
Create your own Knowledge Base