What is REST API central token management?

API token management allows control over who can create user tokens to access REST API and provides you with a clear view regarding who has access to which API.

How to use REST API central token management

In order to access bob's APIs, a user needs to create an API token. Only users with the necessary permissions are able to generate API tokens.

To generate an API token:

  1. Click your display name to open the user drop down

  2. Select API Access

  3. Click on the Generate token button

  4. Define the scope of access by marking the desired actions to include in the token

Note: A user can have only one API token which is automatically revoked when they leave the company.

Note: API token access levels are in accordance with bob user permissions, meaning an admin's token will have full access to all APIs for example.

To revoke an API token:

  1. Click to open the user drop down

  2. Select API Access

  3. Click on the Generate token button

  4. Press Delete token

Managing tokens

To manage your organization's tokens:

  1. Navigate to Settings > Integrations

  2. Go to the Automation category

  3. Press Manage on the Rest API tile

Here you’ll see the API access tokens created with information on who created the token. You can click to Revoke Token, view and manage the token's access scope.


API user tokens can be created only by users who are given permission to do so through Permission Groups.

To set API token creation permissions:

  1. Navigate to Settings > Roles and Permissions

  2. Click Manage on the desired permission group tile

  3. Select the Company tile at the top

  4. API Access category will be open by default

  5. Adjust as desired to allow or disallow access to Manage REST API token

Need more help? If you're unsure about anything please send us a message through the chat icon below.

Did this answer your question?