Manage API Tokens
Learn how to add and manage API tokens in Humanitec.


Almost all requests made to the Humanitec API require authentication. Please refer to our API Documentation to learn more about this authentication. This section explains the Bearer token as well as how to manage API Tokens.

Bearer Authentication

The Bearer Authentication makes use of a static token. It is intended to be used when machines interact with the Humanitec API. Bearer tokens should be used for very narrow purposes. This allows for the token to be revoked if it is compromised and so limits the scope of exposure.

Create a Bearer Token

New Bearer Tokens can be obtained from the Organization Settings.
  1. 1.
    Select the API tokens tab.
  2. 2.
    Enter a Token ID for the new token and click on Generate new token.
Example for Bearer Token overview

Manage and Revoke a Bearer Token

You can use the same view as you use to create a Bearer Token to view the token by clicking on Show. The view with the visible Bearer Token also allows you to revoke the token.
Example to view and revoke Bearer Tokens

CI Pipeline Integration

Note that each new CI pipeline integration you are creating also generates a new Bearer Token that you can review and revoke as described above.
Last modified 2mo ago