User Tokens
  • 20 Mar 2024
  • 1 Minute to read
  • PDF

User Tokens

  • PDF

Article summary

Overview

User tokens make API requests on behalf of a user. By creating a new user token, the user will be able to access specified projects and scopes. The token will encapsulate encrypted user security information.

image.png

Creating User Tokens

Each token is always associated with a specific user account and will inherit the permissions of that user.

  1. After logging into Validatar, click your username in the upper right-hand corner.
  2. On the left pane, select Tokens.
  3. Select New Token.
  4. Enter a token name.
  5. Enter a comma-delimited list of IP addresses where this token can have API access. (optional)
  6. Specify the Projects this token can access.
    • Allow access to all projects
    • Filter access to the following project(s)
  7. Specify the Scopes that are allowed.
    • Allow access to all scopes
    • Allow access to the following scope(s)
      • Execution - Allows users to run tests and jobs
      • Security Admin - Allows users to create and remove users
      • Authoring - Allows users to modify the contents of operations (such as tests, jobs, and folders)
  8. Click Save.
    A masked API key will be generated after saving a user token. The API key can be unmasked, which is what you will need to connect to the API.

Managing User Tokens

A Validatar Security or Global admin can manage user tokens by navigating to Settings > User Tokens.

Managing user tokens uses the same interface as creating a new user token. An admin has the following abilities:

  • To modify, disable, and delete tokens
  • To view which projects the token has access to
  • To view which scopes the token has access to
  • Viewing the last accessed date
  • View the age of the token

An admin cannot unmask a user token's API key. Only the user account the token is associated with can unmask the key.

Using Tokens to Access API

You can learn more about the API scopes using Validatar's API documentation on the user token configuration page.

The documentation includes information about the REST API endpoints each scope contains and examples of API responses.


Was this article helpful?