1. Home
  2. Developer Documentation & APIs
  3. What is an API Token? How to create, edit, and remove an API key?

What is an API Token? How to create, edit, and remove an API key?

API tokens are a set of alphanumerical values generated by Cincopa to securely connect your Cincopa account to a wide variety of API’s that we offer. Cincopa has designed plenty of API’s that can be used for a variety of purposes.

  • Cincopa’s API tokens are used to secure and validate your connection to the API endpoint.
  • Cincopa API keys are used to set and manage your assets and galleries.

In this guide we will explain the following:

  • How to create an API token / Key
  • How to edit an API token / Key
  • How to remove an API token / Key
  • FAQ’s

In order to use any API’s provided by Cincopa, you will need to validate your Cincopa account using the API token generated through your account.

How can I create an API token?

To create API tokens, click on the profile icon on the top right corner and then select Account Dashboard

Next, click on API Tokens

If you already have an API token you will see them listed here.

If you want to create a new one then simply click on Create New

Next,

  1. Choose a token  name
  2. Then select the access permissions that you want to give the API Token, you will be able to check the list of actions that you can perform with the new key.
  3. Once you check the list of actions, simply select the Create Key option and the new key will be generated.

The API token has now been successfully created.

You can use the generated API Tokens to validate your Cincopa account and use the API’s provided by Cincopa.

You can visit our API documentation page for more information.

You can read more on how to Customize Your Player: Cincopa Video Player API Controls

 

In Edit mode, you will be able to select or un-select previous API’s.

Edit API token

At any point, you can make changes to your tokens, by selecting the EDIT link in the token row

Delete API token

At any point, you can delete your tokens, by selecting the Remove option next to the unwanted token.

Common Questions:

Customer Question:

We are requesting Cincopa upload, listing, search API call through javascript and the API token is exposed on the client-side

What are the best practices to use in order to prevent security issues when using Tokens?

Answer: 

The API token can be set to have only read-only permissions. This way, if someone gets a hold of the key they will not be able to change or delete anything

To do so, make sure that your token only has Read Only permissions.

Was this article helpful?