Links

Manage API Tokens

Learn how to add and manage API tokens in Humanitec.

Introduction

Almost all requests made to the Humanitec API require authentication. Please refer to our API Documentation to learn more about this authentication. This section explains the Bearer token as well as how to manage API Tokens.

Bearer Authentication

The Bearer Authentication makes use of a static token. It is intended to be used when machines interact with the Humanitec API. Bearer tokens should be used for very narrow purposes. This allows for the token to be revoked if it is compromised and so limits the scope of exposure.

Manage Bearer Tokens

To create a new token, you will need to have the Administrator or Manager role within your Organization. Deletion is only permitted for Administrators.Learn more about RBAC in Humanitec here.
UI
CLI
API
New Bearer Tokens can be obtained from the Organization Settings.
  1. 1.
    Select the API tokens tab.
  2. 2.
    Enter a Token ID for the new token and click on Generate new token.
Example for Bearer Token overview
You can use the same view as you use to create a Bearer Token to view the token by clicking on Show. The view with the visible Bearer Token also allows you to revoke the token.
Example to view and revoke Bearer Tokens
Our CLI is currently in closed beta. Please contact us if you want to learn more.
Almost all requests made to the Humanitec API require Authentication. Learn more in the Authentication section of our API documentation.

CI Pipeline Integration

Note that each new CI pipeline integration you are creating also generates a new Bearer Token that you can review and revoke as described above.