API Access Token

Content of this article

  1. Preliminary Remarks
  2. Create API Access Token
  3. Manage API Access Token
  4. plenigo API documentation

1. Preliminary Remarks

An API Access Token is a unique identifier for accessing, changing or renewing the company's data via the API. API tokens can be generated for different purposes and assigned different authorizations. Development teams need API Access Tokens to program integrations to plenigo, among other things.
API Access Tokens can also be created for different use cases, such as access by third-party applications or team members.

In the list view, the Status displays how old the token already is.

  • older than 6 months - Status symbol is active. The number of days is coloured orange.
  • older than 1 year - Status symbol is active. The number of days is coloured red.
  • expired Token - Status symbol is expired and has a red background.

    Note: For security reasons, we recommend renewing the token manually on a regular basis or using the automatic renewal option.


2. Create API Access Token

  • Click on + Create Personal Access Token.
  • Enter a Name* for the token.
  • Optionally, enter a Description.
  • Rights* determine if the token allows to read & write or only to read.
  • Determine Applications* by using the drop-down menu. They determine for which applications the token may be used.


  • Expires on: A date on which the token expires can be defined here. As soon as the token expires, access to the plenigo system is blocked.
  • Checkbox Auto renewal every x days: If activated, the token is automatically renewed and a callback can be set to inform a third-party system and get the renewed access token.
  • Renewal Mail Recipient to which the information is to be sent that the token has been automatically renewed.

Callback Einstellungen

A callback can be set up to transfer the information to a third-party system that the API access token has been renewed. Callbacks only need to be set up if the automatic renewal of the token has been activated. The callback transmits a unique key that must be redeemed via the API endpoint /apiAccessTokens/requestRenewedToken within 2 hours in order to receive the updated token. If the unique key has not been redeemed within 2 hours, a new callback is triggered after 24 hours. Once the unique key has been used, the old token is valid for a further 24 hours before it finally expires.


3. Manage API Access Token

The token can be edited either in the list on the right hand side via Commands or in the detail view via the action bar on the top.

Copy Token

In the detail view below the token, click on Copy.
The token is copied to the cache and can be inserted elsewhere.

Deactivate

  • Click on Deactivate.
  • Please note that deactivation of the token cannot be undone.
  • If the API Access Token should really be deactivated, click on Deactivate.

Edit

The API Access Token can be edited to a limited extend.
The following can be edited:
  • Description
  • Auto renewal
  • Renewal Mail Recipient

Renew Token

In the detail view via the action bar, the token can be renewed by clicking on Renew Token.
The following must/can be set in the dialog window.
  • End date of the existing Token* determines when the existing token is expire.
  • Name of the new Token* determines the name of the renewed token.
  • Description can optionally be added.

4. plenigo API documentation

The plenigo API documentation contains all the necessary information on how the API can be used in connection with plenigo.
API end point: /apiAccessTokens/requestRenewedToken