In this section you can generate an api token for a user or for the organization. A user can have multiple api tokens that allow a more granular usage of them (one token for integration A, one token for integration B). For information about the configuration in REST please also have a look at the REST tutorial using Postman. A configuration for SOAP can be found on this page: Hello World Tutorial.

Please note that the organization api token can only be used with REST api version 1 to 5. We recommend to use user-specific API tokens. Therefore, each user can create several tokens for different application integrations. The apiToken has to be provided as HTTP Header. 


Figure


Api Tokens

API Tokens

In this section, you can manage user specific API tokens of currently logged-in user. To create a new API token, press the "Add new API Token" button and enter any name of your choice. The token is generated and can be copied using the "copy" button which is part of the token display. Don't forget to enable the API token with the on-off slider before it can be used.


An API token can be deleted using the recycle bin icon. Note that integrations may stop working or will require a reconfiguration, when API tokens have been deleted.

Web applications and apps which implement an OAuth Code Grant flow to receive the bearer token are listed in the Apps and Connectors section.

Organization API Tokens

(deprecated)

In this section, you can manage organization specific API tokens of currently logged-in user. Be aware that an organization token grants access to envelopes, templates etc of ANY user of the organization, just by combining it with the user login name. In a default configuration, we do not enable that feature any more by default but kept it in the product for compatibility reasons so far.

To use Organization API Tokens, the feature flag "OrganizationApiToken" must be granted to the organization, and the user must have the permission to use the API granted in one of the roles assigned. Keep in mind that another role might block the permission, which would also result in having the Organization API tokens disabled for this user, also with no option to create a new one.



Apps and Connections

This section provides an overview to which OAuth2 Applications a user granted access in his name.