API authorizations
User personal API Token
When you use the api-authorizations plugin, any logged-in user can get a personal API token by clicking on their login information.

Once you click on the button, you get your personal API token, which can be revoked at any time.

The user can use that token to execute API requests for the same actions that their role allows them to do.

These actions are recorded in the Rudder event log as done by the user who owns the API token.

API ACLs
The plugin also allows you to configure fine-grained access control for a token. By selecting the "Custom ACL" access level, you can choose which endpoints are accessible with that API token.
For example, you can create an API token which can only access compliance information.


That token can of course access compliance-related endpoints.

But if it tries to access another endpoint, it gets an authorization error.
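
A check for the behaviour described above, as an added example that is not part of the Rudder documentation or the plugin's code: it probes a token with read-only GET requests and reports every endpoint whose result differs from the intended ACL. The host, token and endpoint paths are placeholders, `constructed_fetch` is a constructed stand-in for a server so the example runs offline, and treating HTTP 401/403 as the authorization error is an assumption.

```python
import urllib.error
import urllib.request

def http_status(url, token, timeout=10):
    """Send a read-only GET with the token and return the HTTP status code."""
    # X-API-Token is the header Rudder's REST API reads the token from.
    req = urllib.request.Request(url, headers={"X-API-Token": token})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code  # urllib raises on 4xx/5xx; the code is the answer

def audit_token_scope(base_url, token, allowed, denied, fetch=http_status):
    """Probe each path; return findings where the ACL differs from intent."""
    findings = []
    for path in allowed:
        status = fetch(base_url + path, token)
        if not 200 <= status < 300:
            findings.append((path, status, "expected access, was refused"))
    for path in denied:
        status = fetch(base_url + path, token)
        # Assumption: an ACL refusal surfaces as HTTP 401 or 403.
        if status not in (401, 403):
            findings.append((path, status, "expected refusal, was not refused"))
    return findings

# Constructed stand-in for a server: it answers like a token whose custom
# ACL was left too wide (/nodes is reachable in addition to compliance).
OPEN_PATHS = {"/compliance/rules", "/compliance/nodes", "/nodes"}

def constructed_fetch(url, token):
    path = url.split("/api/latest", 1)[1]
    return 200 if path in OPEN_PATHS else 403

if __name__ == "__main__":
    base = "https://rudder.example.com/rudder/api/latest"  # placeholder host
    report = audit_token_scope(
        base, "PLACEHOLDER-TOKEN",
        allowed=["/compliance/rules", "/compliance/nodes"],
        denied=["/nodes", "/rules"],
        fetch=constructed_fetch,
    )
    for path, status, problem in report:
        print(f"{path}: HTTP {status} - {problem}")
```

Run against a real server by omitting the `fetch` argument; an empty result means the token reaches only what its ACL was meant to allow.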
