Locoia
  • Overview
  • Account and User Settings
    • User types
    • Adding Users
    • Teams
    • Access Permissions
    • 2 Factor Authentication 2FA
    • Versioning and Snapshots
    • Activity Log
  • Reset your Password
  • Invoices and Payments
  • Automation
    • Flow Builder
      • Flow Building Best Practices
      • Jinja Template Language
        • Jinja: (Custom) variables, wildcards and functions
        • Magic Code Samples
      • Connectors & APIs
        • Titles and References
        • Referencing data of objects, lists, arrays - how to pass data dynamically
        • Accessing Objects with JSONPath
        • Merging nested JSON objects
        • Parsing JSONs from String
        • Response Headers & Status Codes
        • Custom Data Fields
        • Wildcard API calls and actions
        • Response cleaning
      • Text Strings, Date & Time, Numbers and Currencies
        • Text and Strings
        • Dates & Time
        • Numbers (Thousand Separators, Currencies)
      • Email-formatting
      • Code Fields
      • Running single Flow steps
      • Flow run data retention, logging, and error notifications
      • Advanced View
      • Dynamic Title
      • Custom Error Handling
      • Error Handling Flows
      • Automatic Pagination
    • Flow Debugger
      • Automatic Retrying
      • Run Flows again
      • Troubleshooting Flows
    • Community Library
  • Connectors & Helpers
    • Connectors
      • Monday.com
      • ActiveCampaign
      • Aircall
      • Allthings
      • Amplitude
      • Animus
      • Assetti
      • Awork
      • AWS RDS Database - How to connect
      • bubble.io
      • Casavi
      • Chargebee
      • CleverReach
      • comgy
      • commercetools
      • Everreal
      • Exact Online
      • Facebook Marketing
      • Fahrländer Partner
      • FastBill
      • FILESTAGE.io
      • Freshdesk
      • Freshsales
      • Google Ads
      • Google Ads Lead Form
      • Google Analytics
      • Google Chat
      • Google Drive
      • Google Sheets
      • Gmail
      • HubSpot
      • Heyflow
      • iDWELL
      • ImmobilienScout24
      • Instagram Ads
      • Intercom
      • klaviyo
      • Kiwi Opening Doors
      • Klenty
      • Klipfolio
      • Kolibri CRM
      • konfipay
      • KUGU
      • Shopify
      • S3 AWS
      • SQS AWS
      • Lambda AWS
      • Learnster
      • lexoffice
      • LineMetrics
      • Linkedin
      • Locoia
      • Notion
      • MailGun
      • Makula
      • Microsoft Dynamics 365
      • Microsoft OneDrive
      • MixPanel
      • MongoDB
      • Odoo
      • OnFleet
      • OnOffice
      • Oracle NetSuite
      • Outbrain
      • Quickbooks
      • Trello
      • PandaDoc
      • Personio
      • Pinterest Ads
      • Pipedrive
      • Plentific
      • PriceHubble
      • relay
      • REALCUBE
      • Sage ERP
      • Salesforce
      • SAP
      • Scoro
      • Seafile
      • sevDesk
      • SharePoint
      • SharpSpring
      • Slack
      • Snapchat Marketing
      • Snowflake
      • Teamleader Focus
      • Teamwork.com
      • Tableau
      • TikTok
      • TinQwise
      • The Trade Desk
      • Twitter
      • Typeform
      • WordPress
      • Xero
      • Youtube
      • Zendesk
      • Zoho CRM
      • Zoom
    • Helpers
      • Scheduler
      • Webhook
      • Dict Helper
      • Spreadsheet Helper
      • REST Helper
      • Boolean Helper
      • Multi Case Helper
      • Looper
      • FTP Helper
      • CSV Helper
      • XLSX Helper
      • Mail Sender
      • Flow Trigger
      • File Storage Helper
      • Terminate Helper
      • Delay Helper
      • SQL Connector
      • PDF Helper
      • Zip Helper
      • Data Warehouse Helper
      • XML Helper
      • Form Helper
      • Arrow
      • Error Arrow
    • Authentication Types Available
      • Setting up authentication
      • OAuth1
      • OAuth2
      • Refreshable token
      • AWS Signature
      • Basic Auth and Other Simple Authentication Methods
      • How are API versioning and API updates handeled?
      • Custom OAuth2 clients (apps)
    • Building Connectors
      • Base Connector Setup
        • Connector Auth Validation
        • GraphQL APIs
        • Rendering with User Input
      • Building Connector Actions
        • Actions Examples
      • Search Automation
      • Pagination Automation
      • Uploading Files in Actions
      • Working with SOAP APIs
    • Super Actions
    • Webhook Trigger for Connectors
    • Data Mapping and Env Variables
  • Embed - White Label Portal
    • Embed Overview
      • 1. Embed Flow
        • 1.1 Creating Embed Flows
        • 1.2 Updating Embed Flows
        • 1.3 Embed Error Handling
        • 1.4 Setting up Callbacks for Integration activation/deactivation
        • 1.5 Setting up Remote search
        • 1.6 Setting up End User logs
      • 2. Configure Embed
        • 2.1 Embed Integration via SSO
        • 2.2 Proprietary connector setup
        • 2.3 Sharing level
        • 2.4 Consent screen
        • 2.5 Account Secrets
        • 2.7 Further settings
      • 3. Integrate Embed
        • 3.1 iframe vs native embed
        • 3.2 Customizing CSS
        • 3.3 Events emitted from iframe to parent window
      • 4. Embed for End User
        • 4.1 Embed Remote Search
        • 4.2 Embed End User Logs
      • 5. Test Embed Configuration
        • Testing example
      • 6. Embed Integrations and Connector Auths
    • Embed FAQs
  • Data and Dashboards
    • Dashboards & Insights
      • Introduction to Dashboards
      • Introduction to Insights
      • Introduction to Data Sources
      • Dashboard Filters
      • Insight Marketplace - Using Pre-Built Insights
      • Writing SQL Queries
      • Useful SQL Examples
      • Charts
        • Line Chart
        • Bar and Horizontal Bar Chart
        • Stat Card
        • Pie Chart
        • Gauge Chart
        • Donut Chart
        • Stacked Bar, Horizontal Stacked Bar, and Normalized Horizontal Stacked Bar
        • Multiple Line Chart
        • Pivot Table
        • Map Chart
  • Best Practice Guides
    • Integration Best Practices
    • Integration Check List
    • CSV Files in Excel
    • Multi-Tenant Flows
    • On-Premise Integrations
    • Database Connection Setup
    • Data and General Security
    • Using Tags
    • FAQ
  • API
    • Locoia API Authentication - Personal Access Token
    • Create Connector Authentication
  • Contact us
  • Status of Service
  • Data Privacy
  • Imprint
Powered by GitBook
On this page
  • Creating a Personal Access Token
  • In Locoia
  • Using the API
  • Create personal access token
  • Regenerate personal access token
  • Get personal access tokens
  • Scopes
  • Using Personal Access Token

Was this helpful?

  1. API

Locoia API Authentication - Personal Access Token

Authentication with our API of Locoia itself

PreviousFAQNextCreate Connector Authentication

Last updated 1 year ago

Was this helpful?

Creating a Personal Access Token

In Locoia

Go to your avatar (upper right corner) > User > .

There you can create new access tokens, update and regenerate existing ones with full flexibility.

The token itself is only visible right after creating a personal access token. In case you didn't save it, you can generate the token. The old token will then be invalidated.

Using the API

We recommend to generate and manage personal access tokens directly in our app for, however, you can use our API for that as well.

In order to create a personal access token via API the following endpoint needs to be used:

Create personal access token

POST https://api.locoia.com/v1/personal-access-tokens

The personal access token can be defined with granular scopes and an expiration date.

Headers

Name
Type
Description

Authorization*

String

Bearer Token

Request Body

Name
Type
Description

expiration*

Int

Number of days until expiration. Use null for no expiration

scopes*

List

List of scopes

note*

String

Describe purpose, (max 255 characters)

{
  "id": "UUID",
  "token": "Token",
  "expiration": "Expiration Datetime",
  "note": "String",
  "last_used": null,
  "scopes": [
    "Scope1",
    "Scope2"
  ]
}

The token itself is only visible right after creating a personal access token, after that it is impossible to retrieve it from the API.

One can regenerate a token with by sending the following POST request:

Regenerate personal access token

POST https://api.locoia.com/v1/personal-access-tokens/{{ token_id }}/regenerate

Regenerate or extend the expiration of an already created personal access token.

Path Parameters

Name
Type
Description

token_id*

String

ID of personal access token to be regenerated

Headers

Name
Type
Description

Authorization*

String

Bearer Token

Request Body

Name
Type
Description

expiration*

Int

Number of days until expiration null for no expiration

You can list all token with

Get personal access tokens

GET https://api.locoia.com/v1/personal-access-tokens

List all personal access tokens of the user.

Headers

Name
Type
Description

Authorization

String

Bearer Token

Scopes

The following scopes are available:

Scope Name
Entites

automation

  • Flows

  • Flow Runs

  • Flow Run Steps

  • Run Flows

  • Connector Auths (Read only)

  • Env Variables (Read only)

  • File Uploads (Read only)

company

  • Env Variables

  • File Uploads

  • Teams

  • Users

connector_auth

  • Connector Auths

connectors

  • Connectors

  • Connector Actions

dashboard

  • Dashboards

  • Data Sources

  • Forecasts

  • Insights

  • Transforms

embed

  • Embeds

There are different access levels based on the scope extension:

Scope Extension
Supported Scopes
Operations
Example

None (leave empty)

automationcompanyconnector_authconnectorsdashboardembed

CRUD - Create, Read, Update, Delete

connector_auth - the token can create, read, update, and delete all Connector Auths to which the user who created the token has access to

:manage

automationcompanyconnector_authconnectorsdashboardembed

CRU - Create, Read, Update

connector_auth:manage - the user can do all of the above, except for deleting

:view

automationcompanyconnector_authconnectorsdashboardembed

R - Read

connector_auth:view - the user can only read the Connector Auths

webhook_run

automation

Trigger Webhook Flows

Using Personal Access Token

To authenticate with the token, simply specify it in the Authorization header like this: Authorization: Bearer {{ token }} or setup a Connector Auth for Locoia within the Locoia app and then use the token there.

You can also create it directly in Locoia with .

automation - the token can trigger all Webhook Flows in the account (alternative to Flow specific )

Personal Access Token
this Community Library Flow
webhook tokens