Overview
Access tokens are used to authenticate requests to the Cloud API. Tokens do not expire and remain valid until manually revoked, so treat them like passwords.
Creating a Token
-
Navigate to the API Tokens page
Go to the API Tokens page in your Utexo Cloud dashboard and click “Create Access Token”.
-
Provide a token name
Enter a descriptive name for the token. Using meaningful names (e.g., production-server, dev-laptop) helps you identify and manage multiple tokens.
-
Copy and store the token securely
The token is shown once. Store it in a secrets manager or environment variable immediately.
Using the Token
Export the token as an environment variable and include it in API requests:
export CLOUD_API_TOKEN="<your_token>"
curl -H "Authorization: Bearer ${CLOUD_API_TOKEN}" \
"https://cloud-api.thunderstack.org/api/nodes"
Revoking a Token
Revoking a token immediately deactivates it and prevents any further API access using that token.
- Return to the API Tokens section in your dashboard.
- Find the token item you want to revoke.
- Click the “Revoke” button for that token.