Access Token Management
Token generation is automatically created for all accounts. Users have the ability to generate additional tokens for data and/or security management. The API dashboard allows users to create up to 4 additional tokens for a total of five active tokens on the account. Each token has a name, capability to manage data access and a specific time frame it is active.
Revoking or rotating tokens can be due to a security breach, a change in access requirements or simply as routine security measures. Once a token has been generated, it can be revoked (deleted) at any time regardless of the token expiration date. When a token has been revoked, it cannot be reused. Additionally, once a token expiration date has been reached, the date cannot be extended. A new token must be generated.
Each token can be provisioned to access all data or limit access to specific datasets if the account has premium add-on datasets. A token expiration date can vary based on the user's selection. Users have the ability to remove owner name and mailing address.
Usage Tracking
Token usage tracking is aggregated on the API dashboard for all tokens. Accessing per token usage is through the Usage API endpoint.