Access Tokens

Overview

Access tokens are secure authentication credentials that allow external applications and services to interact with your Accounter data through our API. These tokens provide a safe way to integrate third-party tools without sharing your login credentials.

Creating an Access Token

To generate a new access token:

1. Navigate to Settings → Access Tokens
2. Click the New Access Token button
3. Enter a descriptive name for the token (e.g., "Excel Integration")
4. Set an expiration date (optional but recommended)
5. Select the permissions needed for the token
6. Click Generate Token
7. Copy and securely store the generated token

Token Permissions

Access tokens can be configured with specific permissions to limit what actions they can perform:

Using Access Tokens

Access tokens are used in API requests to authenticate your application:

Managing Existing Tokens

The Access Tokens screen displays all your active tokens with the following information:

• Token Name - The descriptive name you assigned
• Created Date - When the token was generated
• Last Used - Most recent API access using this token
• Expires - Token expiration date (if set)
• Permissions - Current permission level
• Status - Active, expired, or revoked

Security Best Practices

• Set expiration dates for tokens to limit exposure time
• Use the minimum permissions required for each integration
• Regularly review and audit active tokens
• Revoke tokens immediately if they're compromised
• Store tokens securely using environment variables or secure vaults
• Never include tokens in code repositories or public documentation
• Monitor token usage for unusual activity

Revoking Access Tokens

To revoke an access token and immediately disable its access:

1. Locate the token in the Access Tokens list
2. Click the Revoke button next to the token
3. Confirm the revocation when prompted

Revoked tokens cannot be restored. You'll need to create a new token if access is needed again.