Tokens are required to access the integrator.io API. You can use the integrator.io API to perform CRUD operations on any resource in your account, or to synchronously migrate data in and out of any application that integrator.io can connect with.
Where are the API Tokens?
As an account owner, you can find all API tokens in the Resources menu. If you don't see this, then it means you don't have permissions to manage API tokens.
An index page lists all tokens, with a token name, description, status, auto purge, and scope.
- Status indicates whether or not the token is activated (available to use).
- Auto purge allows you to purge the token after a certain amount of time. See below for more details.
- Scope indicates the limitation settings of the token. A token can have full access to all APIs supported by integrator.io or can have a limited access via a custom scope configuration.
Create And Edit Tokens
To edit an existing API token, select Edit from the Action drop-down menu.
To create a new Token, select Create New at the top of the page. Give the Token a name and description that is meaningful to its use, and to distinguish it from other account Tokens.
Set desired Auto Purge setting. The Token will be automatically purged after a certain amount of time, as defined when created. If you don't ever want your Token purged, then select Never.
Each Token that you wish to use for your account needs to be defined with a scope of access. Tokens can be provisioned with full or minimal access. Select Full Access if the Token should be able to perform any action in your account supported by the API. If you wish to limit the scope, then select Custom.
Set Custom Scope
Custom scope allows you to specify individual Connections, Exports, and Imports that you want to be able to trigger using the token. Note: Custom scope doesn't allow CRUD operations on the selected resources, for that you need to select Full Access.
To add a resource, simply click on the name in the resource category. Click on multiple resources to select more than one in each category as part of your scope. When finished, click Save to create the Token.
To view a Token's scope, click the scope link (Full Access or Custom) in the index page.
Revoke Token And Other Actions
Revoke/Reactivate - Tokens can be revoked or reactivated at any time. A revoked Token is invalidated so that it is no longer possible to use it for CRUD operations or make successful API calls to integrator.io. The status of a revoked Token will show as Inactive in the index page. When a revoked token is reactivated, all its previous access scope is enabled once again, and its status is set to Active in the index page.
Regenerate - This action will generate a new API key for your Token.
Edit - This action will open a modal with ability to edit all token details, including scope.
Audit Log - All CRUD operations are listed in the Audit Log.
Delete - A Token must be revoked in order to delete it. Once a token is deleted, it is removed from the index page and will be invalidated without the ability to reactivate it.
Every time a change is made to a token, or if a token is viewed in plain text (to expose the actual token), an email notification is sent to the account owner to inform them of the activity. This is a security measure, to make account owners aware of any activity involving their tokens.
Note that the actual token is never revealed in the email or via the UI, unless the user with access permissions actively clicks to view the token (Click To Display).