Connect machines
Machine to machine communication allows you to connect your servers to our APIs. At this moment we support Personal Access Token
(also known as PAT
or token
). Other mechanisms are not available yet.
Create, read, update and delete
Tokens can be managed from the user interface in your tenant ({tenant-name}/tokens
). A token is tightly coupled to your identity, it’s your responsibility to keep them safe and managed.
- You can only see the value of a token upon creation, if you forgot the value then you need to create a new token.
- You can choose a name for your token: please add something useful that helps you to identity where you use the token
linux-machine-ofice-1.23 warehouse Hilversum
. This is crucial if you want to remove tokens in case of security leaks. - If you have multiple systems interacting with our API: please create multiple tokens
- You can have as many tokens as you like, but please remove them if they are not in use.
- We advise you to rotate on a regular base: you can create a new token up front. Then replace it in your machine whenever you like, and then after this remove the unused token.
Using the token
You can just send in a header on HTTP level with the token. Just like any other API key mechanism.
- HTTPS is required: therefore the solution is cryptographically safe. Your token can’t be read by anyone on the internet.
- We have a ‘special’ header name (
x-api-pat
) to prevent potential name clashes in the future