Managing personal access tokens
A personal access token is a one-time generated token that replaces a password for authentication. You can generate and use personal access tokens to integrate external applications or programmatic scripts (API clients) with IdentityNow. Personal access tokens replace the need for API clients to use a hashed username and password via the PASSWORD grant type, improving the security of integrations.
We recommend that you update any API clients that are currently using the PASSWORD grant type to use personal access tokens as soon as possible, before the PASSWORD grant type is deprecated for use by all API clients in August 2021.
After you’ve generated a personal access token, you can use it to access the IdentityNow APIs and automate such processes as submitting requests, reassigning certifications, and updating sources.
Generating a personal access token
- Select Preferences from the dropdown menu under your username.
Select Personal Access Tokens from the left menu and select New Token.
The New Token button will be disabled when you’ve reached the limit of 10 personal access tokens per user. To avoid reaching this limit, we recommend you delete any tokens that are no longer needed.
After you create the token, the value of the Client ID will be visible in the Personal Access Tokens list, but the corresponding Secret will not be visible after you close the window.
Copy the Secret and Client ID somewhere safe.
Deleting a personal access token
You cannot recover a deleted token, so be sure it’s no longer in use or required before doing so.