Manage API Tokens

Learn how to add and manage API tokens in Humanitec.


Almost all requests made to the Humanitec API require authentication. Please refer to our API Documentation to learn more about this authentication. This section explains the Bearer token as well as how to manage API Tokens.

Bearer Authentication

The Bearer Authentication makes use of a static token. It is intended to be used when machines interact with the Humanitec API. Bearer tokens should be used for very narrow purposes. This allows for the token to be revoked if it is compromised and so limits the scope of exposure.

Manage Bearer Tokens

To create a new token, you will need to have the Administrator role within your Organization. Learn more about RBAC in Humanitec here.
New Bearer Tokens can be obtained from the API Tokens screen.
  1. 1.
    Select the API Tokens item from the navigation bar.
  2. 2.
    Enter a Token ID for the new token and click on Generate new token.
You can use the same view as you use to create a Bearer Token to view the token by clicking on Show. The view with the visible Bearer Token also allows you to revoke the token.
Our CLI is currently in closed beta. Please contact us if you want to learn more.
Almost all requests made to the Humanitec API require Authentication. Learn more in the Authentication section of our API documentation.

CI Pipeline Integration

Note that each new CI pipeline integration you are creating also generates a new Bearer Token that you can review and revoke as described above.