# Locoia API Authentication - Personal Access Token ## Creating a Personal Access Token ### In Locoia Go to your avatar (upper right corner) > **User** > [**Personal Access Token**](https://app.locoia.com/user-preferences?activeTab=personalAccessTokens)**.** There you can create new access tokens, update and regenerate existing ones with full flexibility. {% hint style="warning" %} The token itself is only visible right after creating a personal access token. In case you didn't save it, you can generate the token. The old token will then be invalidated. {% endhint %} ### Using the API {% hint style="info" %} We recommend to generate and manage personal access tokens directly in our app for, however, you can use our API for that as well. {% endhint %} In order to create a personal access token via API the following endpoint needs to be used: ## Create personal access token `POST` `https://api.locoia.com/v1/personal-access-tokens` The personal access token can be defined with granular scopes and an expiration date. #### Headers | Name | Type | Description | | ----------------------------------------------- | ------ | ------------ | | Authorization\* | String | Bearer Token | #### Request Body | Name | Type | Description | | -------------------------------------------- | ------ | ------------------------------------------------------------- | | expiration\* | Int | Number of days until expiration. Use `null` for no expiration | | scopes\* | List | List of scopes | | note\* | String | Describe purpose, (max 255 characters) | {% tabs %} {% tab title="201: Created " %} ```javascript { "id": "UUID", "token": "Token", "expiration": "Expiration Datetime", "note": "String", "last_used": null, "scopes": [ "Scope1", "Scope2" ] } ``` {% endtab %} {% endtabs %} {% hint style="warning" %} The token itself is only visible right after creating a personal access token, after that it is impossible to retrieve it from the API. {% endhint %} You can also create it directly in Locoia with [this Community Library Flow](https://app.locoia.com/#/community-library?page=1\&perPage=10\&nameSearchString=Create%20a%20Personal%20Access%20Token%20for%20Locoia\&sortProp=reference\&sortOrder=ascending). One can regenerate a token with by sending the following `POST` request: ## Regenerate personal access token `POST` `https://api.locoia.com/v1/personal-access-tokens/{{ token_id }}/regenerate` Regenerate or extend the expiration of an already created personal access token. #### Path Parameters | Name | Type | Description | | ------------------------------------------- | ------ | --------------------------------------------- | | token\_id\* | String | ID of personal access token to be regenerated | #### Headers | Name | Type | Description | | ----------------------------------------------- | ------ | ------------ | | Authorization\* | String | Bearer Token | #### Request Body | Name | Type | Description | | -------------------------------------------- | ---- | -------------------------------------------------------- | | expiration\* | Int | Number of days until expiration `null` for no expiration | You can list all token with ## Get personal access tokens `GET` `https://api.locoia.com/v1/personal-access-tokens` List all personal access tokens of the user. #### Headers | Name | Type | Description | | ------------- | ------ | ------------ | | Authorization | String | Bearer Token | ## Scopes The following scopes are available: | Scope Name | Entites | | --------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | automation |

Flows
Flow Runs
Flow Run Steps
Run Flows
Connector Auths (Read only)
Env Variables (Read only)
File Uploads (Read only)

| | company |

Env Variables
File Uploads
Teams
Users

| | connector\_auth |

Connector Auths

| | connectors |

Connectors
Connector Actions

| | dashboard |

Dashboards
Data Sources
Forecasts
Insights
Transforms

| | embed |

Embeds

| There are different access levels based on the scope extension:

Scope Extension	Supported Scopes	Operations	Example
None (leave empty)	automation, company, connector_auth, connectors, dashboard, embed	CRUD - Create, Read, Update, Delete	`connector_auth` - the token can create, read, update, and delete all Connector Auths to which the user who created the token has access to
:manage	automation, company, connector_auth, connectors, dashboard, embed	CRU - Create, Read, Update	`connector_auth:manage` - the user can do all of the above, except for deleting
:view	automation, company, connector_auth, connectors, dashboard, embed	R - Read	`connector_auth:view` - the user can only read the Connector Auths
webhook_run	automation	Trigger Webhook Flows	`automation` - the token can trigger all Webhook Flows in the account (alternative to Flow specific webhook tokens)

## Using Personal Access Token To authenticate with the token, simply specify it in the Authorization header like this: `Authorization: Bearer {{ token }}` or setup a Connector Auth for Locoia within the Locoia app and then use the token there. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.locoia.com/api/authentication-with-our-api.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.