1. Home
  2. Developer Documentation & APIs
  3. What is an API Token? How to create, edit, and remove an API key?

What is an API Token? How to create, edit, and remove an API key?

API tokens are a set of alphanumerical values generated by Cincopa to securely connect your Cincopa account to a wide variety of API’s that we offer. Cincopa has designed plenty of API’s that can be used for a variety of purposes.

  • Cincopa’s API tokens are used to secure and validate your connection to the API endpoint.
  • Cincopa API keys are used to set and manage your assets and galleries.

In this guide we will explain the following:

In order to use any API’s provided by Cincopa, you will need to validate your Cincopa account using the API token generated through your account.

How can I create an API token?

To create API tokens, click on the profile icon on the top right corner and then select Account Dashboard

Next, click on API Tokens

If you already have an API token you will see them listed here.

If you want to create a new one then simply click on Create New

Next,

  1. Choose a token  name
  2. Then select the access permissions that you want to give the API Token, you will be able to check the list of actions that you can perform with the new key.
  3. Once you check the list of actions, simply select the Create Key option and the new key will be generated.

The API token has now been successfully created.

You can use the generated API Tokens to validate your Cincopa account and use the API’s provided by Cincopa.

You can visit our API documentation page for more information.

You can read more on how to Customize Your Player: Cincopa Video Player API Controls

 

In Edit mode, you will be able to select or un-select previous APIs.

Edit API token

At any point, you can make changes to your tokens, by selecting the EDIT link in the token row

Delete API token

At any point, you can delete your tokens, by selecting the Remove option next to the unwanted token.

Test API CALL

Next, you can call the Validation API to validate the API tokens. You can see the API call URL below.

API Call URL: https://api.cincopa.com/v2/ping.json?api_token=TYPE_YOUR API_TOKEN

This API call contains the API token which needs to be replaced with yours. You will have to add an API token that you created in the previous step.

Once you call this URL, you will get a response with the following information.

Success: When you get a response with Success as True, this means the API token is validated and you will be able to use the rest of our APIs.

Ping: This information will help you determine if the ping test to the server is successful.

Runtime: This shows the amount of time it took to get the response.

RESPONSE BODY:

{

“success”: true,

“ping”: “pong”,

“runtime”: 13

}

Common Questions:

Customer Question:

We are requesting Cincopa upload, listing, search API call through javascript and the API token is exposed on the client-side

What are the best practices to use in order to prevent security issues when using Tokens?

Answer: 

The API token can be set to have only read-only permissions. This way, if someone gets a hold of the key they will not be able to change or delete anything

To do so, make sure that your token only has Read Only permissions.

Was this article helpful?