Personal Access Token for APIs
This article shares similarities with the one detailing the generation of a Machine-to-Machine token. However, the key distinction lies in the absence of a Machine User creation process, where permissions are delegated. In this context, the token permissions are directly linked to the current user. This eliminates the requirement for a platform administrator; any standard user can autonomously create their token!
Starting with the release of iObeya version 4.25, a new capability has been introduced, granting each user the authority to generate a Personal Access Token. This token, in turn, undergoes encoding in alignment with the industry-standard JSON Web Token (JWT) specifications.
This generated token holds the utility of integration with an external application, particularly those necessitating authentication through the OAuth 2.0 protocol. In such scenarios, the token can be specified for use in a Bearer authentication scheme, offering a seamless and secure approach to access authorization. The header of the HTTP request has to provide with the following value: Authorization: Bearer {Value_of_the_JWT_Token}
Note
A personal access token holds utmost sensitivity and confidentiality as it is intricately associated with the user who initiates its generation. Utilizing this token in an external application results in the system inheriting the user's permissions, accentuating the need for careful handling of such crucial information.
The procedure to follow is straightforward.
To begin, access the user menu by clicking on the user icon (avatar) located on the right side of the top bar. Next, choose the option "Personal access token" from the menu entries.
A new page will be opened, asking to confirm the generation of the token.
Note
Even if a token is generated, the information won't be usable by anybody and won't affect your account in iObeya.
The page can now be closed.
Note
If you forgot to copy or store (a Password manager is the best) the token somewhere, it is always possible to revoke and generate a new one.
Once the token is generated, it is still possible to check its validity or even to revoke it by opening the "Personal acces token" menu again:
Looking For more ?
- Do you want to learn more about this connector capabilities? Browse the iObeya connector documentation
- You are using another RPA/iPaaS platform than Power Automate? Browse the Facade API documentation to discover the API services used with Power Automate
- Interested to have an overview of the integration capabilities of the iObeya platform? Access the integrations page
If you have any questions or would like more information about using Power Automate and iObeya for your business, please don't hesitate to contact us at integrations-support@iobeya.com. Our team of experts is available to provide additional guidance and support, and can also offer personalized demonstrations of these powerful tools to help you get the most out of them. We look forward to hearing from you and helping you achieve your business goals with iObeya.
Type of integration
iObeya API