Home APIs & Integration Authentication

Authentication

  • Print
13 November 2023
Authentication
Written by Himanshu Lande

The Token Management offers the following features:

  1. Token Name: Allows you to specify a custom name for the token.
  2. Generate Token: Generates a unique API token when you click the "Generate Token" button.
  3. Allowed Methods: Lets you specify which HTTP methods are allowed for the generated token. You can choose specific methods or allow all methods.
  4. Allowed Functions: Allows you to restrict access to specific API functions within your application. You can select a plugin folder, plugin name, and function to limit access. If no functions are selected, all API functions are accessible.
  5. Allowed IPs: Permits you to specify which IP addresses are allowed to access the API using the generated token. You can add multiple IP addresses separated by commas. If no IPs are added, all IPs are allowed.
  6. Blocked IPs: Enables you to specify IP addresses that are not allowed to access the API using the generated token. You can add multiple IP addresses separated by commas. If no IPs are added, no IPs are restricted.
  7. Start Date: Allows you to set an activation date for the token. If no date is selected, the token becomes active immediately upon creation.
  8. End Date: Allows you to set an expiration date for the token. If no date is selected, the token does not expire.
  9. Published: By default, the token is published, allowing access to the API. However, you can unpublish the token to revoke access to all APIs in the application.

Follow these steps to create and configure an API token 

Start by navigating to the "My Menu" section within your application. This is where you can access various management tools, including API token management.
In the "My Menu" section, locate and click on the "Manage API Tokens" menu item. This is your gateway to the API token management interface.

 

In the "Manage API Tokens" page, click the "Add" button to create a new token.

  1.  Token Name: Enter a descriptive name for your API token.
  2. Generate Token: Click the "Generate Token" button to generate a unique token.
  3. Allowed Methods: Choose the HTTP methods that the token should allow or don’t select any methods to enable all methods.
  4. Allowed Functions: Specify plugin folder, plugin name, and function(s) to limit API access. Leave this section blank to allow access to all functions.
  5. Allowed IPs: Add specific IP addresses (comma-separated) to limit API access to those IPs. Leave this section blank to allow access from all IPs.
  6. Blocked IPs: Add specific IP addresses (comma-separated) to block access from those IPs. Leave this section blank to allow access from all IPs.
  7. Start Date: Select a start date for the token's activation or leave it blank for immediate activation.
  8. End Date: Select an end date for the token's expiration or leave it blank for no expiration.
  9. Published: Toggle the "Published" setting to allow or block API access using the token. 

Viewing and Editing Existing Tokens:

  1. To view a token, click on the "View" icon in the action column. This opens a detailed view, providing information about the token's settings and permissions.
  2. To edit a token, click on the "Edit" icon in the action column. This allows you to modify the token's settings, including its name, access control rules, and expiration dates.

 

Copying an API Token:

  1. On the "Manage API Tokens" page, hover your mouse over the token you want to copy. You'll notice a copy icon (usually represented by two overlapping rectangles or a clipboard symbol).
  2. Click on this icon, and the token will be copied to your clipboard. You can then paste it where needed, ensuring secure and accurate access to your API.

Here's an example of how to create a token with specific configurations:

  1. Token Name: MyCustomToken.
  2. Generate Token: Click "Generate Token" to create a unique token.
  3. Allowed Methods: Select "GET" and "POST."
  4. Allowed Functions: Choose a specific plugin folder, plugin name, and function.
  5. Allowed IPs: Add 192.168.1.1, 10.0.0.1 to restrict access to these IPs.
  6. Blocked IPs: Add 192.168.1.2 to block access from this IP.
  7. Start Date: Set a future date for activation.
  8. End Date: Set an expiration date.
  9. Published: Keep it published to allow access.

Conclusion:

The Token Management offers granular control over API access in your application, allowing you to secure and customize access according to your specific needs. Feel free to reach out to our support team for any additional assistance or questions.

 

In case you face any problems, then please write to This email address is being protected from spambots. You need JavaScript enabled to view it., our awesome support team will surely help you!