Introduction
Socket provides a powerful API that allows you to interact with your organization's data programmatically. To authenticate API requests, you need to use API tokens. This guide will show you how to generate and manage these tokens within your organization.
Generating a New API Token
To generate a new API token:
- Navigate to Settings: On the Socket dashboard, go to
Settingsin the left-hand menu. - Access API Tokens: Click on the
API Tokenstab within the Settings menu. - Create API Token: Click the
+ Create API tokenbutton in the upper-right corner. - A dialog will appear where you can set the name and choose the scopes for the token.
- After selecting the appropriate scopes, click Confirm to generate the token.
Editing and Managing API Tokens
- To edit an API token, navigate to the API Tokens section.
- Click on the ellipsis (...) next to the token you want to manage.
- You can Edit name, Edit scopes, Edit visibility, Rotate token, or Revoke token as needed.
Best Practices
- Least Privilege Principle: Assign only the necessary scopes to each token to minimize potential security risks.
- Regular Rotation: Regularly rotate your tokens to reduce the impact of a compromised token.
- Audit and Review: Periodically review the tokens and their scopes to ensure they align with current organizational needs and security practices.