search

Locoia API Authentication - Personal Access Token

Authentication with our API of Locoia itself

hashtag
Creating a Personal Access Token

hashtag
In Locoia

Go to your avatar (upper right corner) > User > Personal Access Tokenarrow-up-right.

There you can create new access tokens, update and regenerate existing ones with full flexibility.

circle-exclamation

The token itself is only visible right after creating a personal access token. In case you didn't save it, you can generate the token. The old token will then be invalidated.

hashtag
Using the API

circle-info

We recommend to generate and manage personal access tokens directly in our app for, however, you can use our API for that as well.

In order to create a personal access token via API the following endpoint needs to be used:

hashtag
Create personal access token

POST https://api.locoia.com/v1/personal-access-tokens

The personal access token can be defined with granular scopes and an expiration date.

hashtag
Headers

Name
Type
Description

Authorization*

String

Bearer Token

hashtag
Request Body

Name
Type
Description

expiration*

Int

Number of days until expiration. Use null for no expiration

scopes*

List

List of scopes

note*

String

Describe purpose, (max 255 characters)

circle-exclamation

The token itself is only visible right after creating a personal access token, after that it is impossible to retrieve it from the API.

You can also create it directly in Locoia with this Community Library Flowarrow-up-right.

One can regenerate a token with by sending the following POST request:

hashtag
Regenerate personal access token

POST https://api.locoia.com/v1/personal-access-tokens/{{ token_id }}/regenerate

Regenerate or extend the expiration of an already created personal access token.

hashtag
Path Parameters

Name
Type
Description

token_id*

String

ID of personal access token to be regenerated

hashtag
Headers

Name
Type
Description

Authorization*

String

Bearer Token

hashtag
Request Body

Name
Type
Description

expiration*

Int

Number of days until expiration null for no expiration

You can list all token with

hashtag
Get personal access tokens

GET https://api.locoia.com/v1/personal-access-tokens

List all personal access tokens of the user.

hashtag
Headers

Name
Type
Description

Authorization

String

Bearer Token

hashtag
Scopes

The following scopes are available:

Scope Name
Entites

automation

  • Flows

  • Flow Runs

  • Flow Run Steps

  • Run Flows

  • Connector Auths (Read only)

  • Env Variables (Read only)

  • File Uploads (Read only)

company

  • Env Variables

  • File Uploads

  • Teams

  • Users

connector_auth

  • Connector Auths

connectors

  • Connectors

  • Connector Actions

dashboard

  • Dashboards

  • Data Sources

  • Forecasts

  • Insights

  • Transforms

embed

  • Embeds

There are different access levels based on the scope extension:

Scope Extension
Supported Scopes
Operations
Example

None (leave empty)

automationcompanyconnector_authconnectorsdashboardembed

CRUD - Create, Read, Update, Delete

connector_auth - the token can create, read, update, and delete all Connector Auths to which the user who created the token has access to

:manage

automationcompanyconnector_authconnectorsdashboardembed

CRU - Create, Read, Update

connector_auth:manage - the user can do all of the above, except for deleting

:view

automationcompanyconnector_authconnectorsdashboardembed

R - Read

connector_auth:view - the user can only read the Connector Auths

webhook_run

automation

Trigger Webhook Flows

automation - the token can trigger all Webhook Flows in the account (alternative to Flow specific webhook tokens)

hashtag
Using Personal Access Token

To authenticate with the token, simply specify it in the Authorization header like this: Authorization: Bearer {{ token }} or setup a Connector Auth for Locoia within the Locoia app and then use the token there.

PreviousFAQNextCreate Connector Authentication

Last updated

Was this helpful?