Personal Access Tokens

  • 1 minute(s) read

To allow end-users to access APIs in a secure way without exposing their personal passwords (e.g. encoded in a configuration files), they can use the concept of Personal Access Token (PAT).

A PAT is a long string consisting of numbers, letters and symbols that can be used as an alternative to a password.

pat_bd6ed997_bc86_47af_b418_765fb001c477

A PAT is uniquely associated to the user who creates it, and if needed can be revoked.

Managing PATs in the DPS

PAT creation is made directly into the DPS by entering the User Profile page. Within the Security tab is the Personal Access Tokens section, where you can see the PATs already created and their status.

On a PAT row, by pressing Revoke Token, the token is invalidated, and the PAT is removed. Third-party software using that PAT will no longer be able to make API calls, and a new PAT will have to be created.

By pressing the Add Token button, it is possible to create a new PAT. A dialog asks the user to provide a name, which is used to identify the created PAT.

By pressing the Save button, the PAT is created and the dialog offer a way to see and copy the token value.

Note that, once the dialog is closed, there is no way to read the PAT, for security reasons if you lose the token, you have to create a new PAT.
PATs belong to a user who creates them, so the user is also responsible to keep them safe.

Note that, the DPS user can manage PATs only if the WRITE_PAT permission is assigned to its user type.

For more details about how to use PATs in API requests, refer to this article.