API Tokens

API Tokens provide a secure way of accessing FlexDeploy’s API by protecting user credentials.

API Tokens are randomly generated secure strings that can be used as replacements for a user’s password when accessing FlexDeploy’s REST API. This is the preferred method of authentication as personal passwords are not sent over the network.

Generating a new token

To generate a new token click on the Add Token button at the bottom of the list.

This will open a popup where you can provide a name for the token and an expiration date.

Save and Copy the token.

Once this popup is closed you will NEVER be able to view the token value again, so keep it in a safe place.

Using a token

Once generated a token can be used as a direct replacement for the user’s password.

CURL Example

curl -u "joel:wA5h-or8IHwCx5__IGdMgdEMf1NtGQdV" http://flexdeployhost:8000/flexdeploy/rest/v2/project

Postman Example

Token Metadata

The token itself has certain metadata associated to it to help provide more insightful tracing and debugging of a token.

Field

Description

Field

Description

Token Name

This is for display only and to help you recognize tokens after they have been created. The name should closely resemble how you intend to use the token.

Expiration Date

A token can no longer be used once the Expiration Date has been reached. It is possible to define a token with no expiration though it is not recommended.

Last Accessed On

This provides a timestamp of when the token was last used. You can use this for both monitoring suspicious activity and determining if a token is still in use.

Last Accessed Origin

This shows the IP address from where the token was last used. Similar to Last Accessed On, this can be used to monitor suspicious activity.

The following macros are not currently supported in the footer:
  • style