1. Click on `Tokens` tab in the `Account Settings` page
2. Click on `Add New API Token`
3. Enter the name for the API Token
4. Click on `Save` button to save the changes
5. Copy the API Token by clicking on `Copy` button displayed under `Actions` menu
6. Use the API Token in the services that require it to authenticate as `xc-token` in the headers.
```json
{
"headers": {
"xc-token": "Copied API token here under quotes"
}
}
```
![Create API Token](/img/v2/account-settings/api-token-1.png)
![Create API Token](/img/v2/account-settings/api-token-2.png)
:::warning
Only one token can be created per user
- Only one token can be created per user
- API Token does not expire, but it can be deleted anytime.
:::
API Token created will get added to the list. Copy API token by clicking on `Copy` button displayed under `Actions` menu
@ -50,3 +57,23 @@ Open Account Settings page from the user menu in the bottom left corner of the s
:::warning
Note that, all the services using the API Token will stop working once the API Token is deleted.
:::
## Auth Tokens
For quick experiments with the API, you can use the `Auth Tokens` to generate a temporary token. These tokens are valid for a session until the user logs out or for 10 hours.
Follow the steps below to copy AUTH Token
1. Click on `User menu` in the bottom left corner of the sidebar,
2. Select `Copy Auth Token` from the dropdown
```json
{
"headers": {
"xc-auth": "Copied auth token here under quotes"
}
}
```
:::note
For Self-hosted, you can reconfigure expiry time using environment variable `NC_JWT_EXPIRES_IN`. This defaults to 10 hours.