#API Token Configuration

Alauda Security Service lets you manage API tokens from the Integrations page. In the current UI, API tokens are grouped under Authentication Tokens.

#Key Points

• API tokens are commonly used for CI/CD, scripts, automation, and API access.
• When you create a new token, your role's permissions limit the permissions you can assign to that token.
• If you want a custom role to create tokens for other users, you must assign the required permissions to that custom role.
• In the Authentication Tokens section, the UI shows API Token as a dedicated token type and provides a Generate token action.
• The token creation flow includes these fields:
  • Token name
  • Role
  • Expiration date
• If you leave Expiration date unset, the value defaults to one year from the generation date.

#Procedure

1. In the Alauda Security Service portal, go to Platform Configuration > Integrations.
2. Scroll to the Authentication Tokens section.
3. Click API Token.
4. Click Generate token.
5. Enter a value in Token name.
6. Select a role that provides the required level of access, such as Continuous Integration or Sensor Creator.
7. (Optional) Set Expiration date. If you leave it blank, the token expires one year from the generation date.
8. Click Generate.

Important: Copy the generated token and store it securely. You will not be able to view it again.

#Token Expiration and Notification

API tokens expire one year from the creation date. Alauda Security Service alerts you in the web interface and by sending log messages to Central when a token will expire in less than one week.

Log message format:

Warn: API Token [token name] (ID [token ID]) will expire in less than X days.

#Configuring Notification Settings

You can change the default settings for the token expiration log process by configuring the following environment variables: