API Tokens are a safer, more secure way of communicating with the RBCommons API. They allow third-party services or custom scripts to operate on behalf of your user account without exposing your password. They can also be locked down in order to restrict what operations the client using the token can perform.


Managing API Tokens


You can create or view your API Tokens in your My Account page. To create a new token, simply click "Generate a new API token" under your team name.



You can also give your token a nickname in order to keep track of what it's used for.


The amount of access can be configured for each token. There are two built-in access levels: Full access and Read-only. You can also customize the access per resource and method. See API Token Policies for details on writing your own policies.


Token Notification E-Mails


Any time you create, delete, or update a token, you'll receive an e-mail notifying you of the change. This will help ensure you're not left in the dark in case someone unknowingly modifies a token through your account.


To help protect your account further, please enable two-factor authentication.