---
title: 'API tokens'
description: 'This article explains how to create and work with API Tokens.'
tags: ['Account Settings', 'Api Tokens']
keywords: ['api tokens', 'create api token', 'delete api token']
---
## Create API Token
Open Account Settings page from the user menu in the bottom left corner of the sidebar.
1. Click on `User menu` in the bottom left corner of the sidebar,
2. Select `Account Settings` from the dropdown
![profile page ](/img/v2/account-settings/account-settings.png )
Follow the steps below to create API Token
1. Click on `Tokens` tab in the `Account Settings` page
2. Click on `Add New API Token`
3. Enter the name for the API Token
4. Click on `Save` button to save the changes
5. Copy the API Token by clicking on `Copy` button displayed under `Actions` menu
6. Use the API Token in the services that require it to authenticate as `xc-token` in the headers.
```json
{
"headers": {
"xc-token": "Copied API token here under quotes"
}
}
```
![Create API Token ](/img/v2/account-settings/api-token-1.png )
![Create API Token ](/img/v2/account-settings/api-token-2.png )
:::info
- Only one token can be created per user
- API Token does not expire, but it can be deleted anytime.
:::
API Token created will get added to the list. Copy API token by clicking on `Copy` button displayed under `Actions` menu
![Create API Token ](/img/v2/account-settings/api-token-3.png )
## Delete API Token
:::warning
Note that, all the services using the API Token will stop working once the API Token is deleted.
:::
Open Account Settings page from the user menu in the bottom left corner of the sidebar.
1. Click on `User menu` in the bottom left corner of the sidebar,
2. Select `Account Settings` from the dropdown
![profile page ](/img/v2/account-settings/account-settings.png )
1. Click on `Tokens` tab in the `Account Settings` page
2. From the `Actions` menu, click on `Delete` button associated with the API Token to be deleted
![Delete API Token ](/img/v2/account-settings/api-token-4.png )
## Auth Tokens
:::warning
Use of Auth tokens is deprecated since v0.205.1. Please use API Tokens for authentication.
:::
For quick experiments with the API, you can use the `Auth Tokens` to generate a temporary token. These tokens are valid for a session until the user logs out or for 10 hours.
Follow the steps below to copy AUTH Token
1. Click on `User menu` in the bottom left corner of the sidebar,
2. Select `Copy Auth Token` from the dropdown
```json
{
"headers": {
"xc-auth": "Copied auth token here under quotes"
}
}
```
:::note
For Self-hosted, you can reconfigure expiry time using environment variable `NC_JWT_EXPIRES_IN` . This defaults to 10 hours.
:::