Table of Contents
Note: This document has been imported from the former KB and has not yet been verified.
We've updated how API Tokens are generated and managed in SyncroMSP to ensure the utmost security. You'll now have the ability to define permissions and set expirations of the tokens you generate. By allowing one-time access to the full token at generation and obfuscating the token in-app once generated, managing API Tokens in Syncro is more secure than ever.
Learn more about how to generate and manage API tokens for our native integrations or your custom ones below.
Note: API Tokens are used in the same way that API Keys were used before. If an integration is asking for a Syncro API Key, you will use these API Tokens going forward.
Overview
To view or manage your existing API tokens or to create a new one, you'll want to head to the 'Profile/Password' section in your user menu, highlighted below:
Next, you'll want to select the 'API Tokens' option:
Generating New API Tokens
Select the 'New Token' option at the upper-right to generate a new API Token:
Next, you'll be presented with the option to generate a pre-built API token with prebuilt App Permissions for our native Syncro integrations. Or, you may select the 'Custom Permissions' tab to create an API Token with permissions that you define:
Let's go ahead and select the 'Custom Permissions' tab and begin creating a new custom API Token. In this example, we've given the token an easily recognizable name for future reference, an expiration, and defined what permissions the API token will have access to.
Note: The permissions selected below are just an example. What permissions you enable or disable will be based on the needs of your custom integration and what data/actions it'll need access to.
Example of a custom API Token below:
With your API Token Name, Expiration, and Permissions set, you'll want to select the 'Create API Token' option.
Once created, you'll be presented with a confirmation page with access to the full key.
Important: this will be your one-time opportunity to access the full key. You'll want to copy and store the key at this stage:
Managing Existing API Tokens
For your existing tokens, you can rename, update the expiration date, or modify the permissions at any time. We offer the ability to clone your existing token and their permissions: