Account & Organization
      Back to home
      1. Help Center
      2. Account & Organization

      Create and manage access tokens

      This article shows you how to create and manage access tokens to use them together with our SDK and API

      To open the access token menu click the account button in the top-right corner of the window and select Organization settings from the drop-down menu.

      Then select Access tokens in the menu on the left side of the window.

      You can now see all the publishable and secret access tokens that you’ve created in the past.

      You can copy publishable tokens by clicking the copy button next to the number.

      By hovering the mouse cursor over the domain number you can see which domains are allowed and by hovering the cursor over the scope number you can see which scopes were selected for the respective token.

      To delete a token you can either select it by left-clicking it and then clicking the Delete button or by clicking the button with the three dots and selecting Delete token.

      To delete multiple tokens at once simply select the ones you wish to delete with a left-click. Once you’ve selected the tokens click the Delete button.

      Create a new token

      To create a new token click the blue Create token button

      You then have the choice to create a Publishable or a Secret token.

      Publishable token

      Publishable access tokens are used for hosting control of public resources. Hosting control is the problem of deciding which domains can display which floors to visitors.

      The first field of the creation form allows you to choose a name for the token.

      In the second field, you can add the allowed domains. Separate them with a comma if you want to allow more than one domain.

      Finally, you can select one or more scopes of the publishable token.

      Secret token

      Secret access tokens are used for access control to private and public resources. Secret access tokens allow the performing of all actions provided by the Space API and support all scopes.

      Secret access tokens should be only used in back-end Space API integrations and should be treated with the same care as other back-end secrets (like a database password).

      The first field of the creation form allows you to choose a name for the token.

      After that, you can select one or more scopes of the token.

      Once you click the blue Create button a pop-up will open showing you the access token. This access token will only be shown once. Copy it so that you can use it in your app. Once you close the pop-up you won’t be able to see or access the token anymore.

      You can find more information about access tokens in our developer documentation.