---
title: 'API tokens'
description: 'This article explains how to create and work with API Tokens.'
tags: ['Account Settings', 'Api Tokens']
keywords: ['api tokens', 'create api token', 'delete api token']
---

## Create API Token

Open Account Settings page from the user menu in the bottom left corner of the sidebar. 
1. Click on `User menu` in the bottom left corner of the sidebar,
2. Select `Account Settings` from the dropdown
 
![profile page](/img/v2/account-settings/account-settings.png)

Follow the steps below to create API Token
1. Click on `Tokens` tab in the `Account Settings` page
2. Click on `Add New API Token`
3. Enter the name for the API Token
4. Click on `Save` button to save the changes
5. Copy the API Token by clicking on `Copy` button displayed under `Actions` menu
6. Use the API Token in the services that require it to authenticate as `xc-token` in the headers.  
```json
{
  "headers": {
    "xc-token": "Copied API token here under quotes"
  }
}
```
 
![Create API Token](/img/v2/account-settings/api-token-1.png)
  
![Create API Token](/img/v2/account-settings/api-token-2.png)

:::info
- Only one token can be created per user
- API Token does not expire, but it can be deleted anytime.
:::

API Token created will get added to the list. Copy API token by clicking on `Copy` button displayed under `Actions` menu
  
![Create API Token](/img/v2/account-settings/api-token-3.png)

## Delete API Token
:::warning
Note that, all the services using the API Token will stop working once the API Token is deleted.
:::

Open Account Settings page from the user menu in the bottom left corner of the sidebar.
1. Click on `User menu` in the bottom left corner of the sidebar,
2. Select `Account Settings` from the dropdown

![profile page](/img/v2/account-settings/account-settings.png)

1. Click on `Tokens` tab in the `Account Settings` page
2. From the `Actions` menu, click on `Delete` button associated with the API Token to be deleted

![Delete API Token](/img/v2/account-settings/api-token-4.png)


## Auth Tokens

:::warning
Use of Auth tokens is deprecated since v0.205.1. Please use API Tokens for authentication.
:::

For quick experiments with the API, you can use the `Auth Tokens` to generate a temporary token. These tokens are valid for a session until the user logs out or for 10 hours. 

Follow the steps below to copy AUTH Token
1. Click on `User menu` in the bottom left corner of the sidebar,
2. Select `Copy Auth Token` from the dropdown

```json
{
  "headers": {
    "xc-auth": "Copied auth token here under quotes"
  }
}
```

:::note
For Self-hosted, you can reconfigure expiry time using environment variable `NC_JWT_EXPIRES_IN`. This defaults to 10 hours.
:::