Skip to main content
Feedback

API Token Management

Important

To view the Token Management page, you must have Account Administration and API Access privileges. Only account administrators can view and manage all the API tokens generated by users of a given account.

Using the Token Management page in Settings, account administrators have the ability to search for and view any API tokens generated by users on an account, change a token's active status, or permanently delete a token on a user's behalf. Administrators have the ability to manage tokens in the event that a user's account is compromised, or when the user is temporarily unable to access the API.

In the Token Management page, account administrators can view the following:

  • The name of the API token that was created under the account
  • The first 6 characters of the token string
  • The user who created the token
  • The date the token was created
  • The token's enabled or disabled status

img-int-token_management_page

Searching for user API tokens by user, token name, or token value

Use the search field in the list of user API tokens on the Token Management page to find tokens by user, token name, or token value.

  1. Select Settings and click the Token Management tab under Boomi Platform API.

  2. In the search box above the list of user API tokens, type all or part of a token name, user name, or the first 6 characters of a token value. Search results will show automatically as you type.

    note

    If you do not see any API tokens in the list before your search, clear any filters that may have been applied.

  3. Click the blue X icon in the search bar or hit the Esc key to reset the list.

Searching for user API tokens by using a filter

  1. Select Settings and click the Token Management tab under Boomi Platform API.

  2. Click Add Filter above the list of user API tokens. You may need to clear any filters that may have already been applied.

    The filter list dialog opens.

  3. Next, do one of the following:

    • Click the Date filter to search the list by tokens that have been added in the past hour, past 24 hours, past week, or a specific date range. Select one of the options.

      Selecting the Date Range option requires you to enter the beginning and end time and the date in which to apply your search. The time values must be entered in a 24-hour format, and the date values must be entered in a mm/dd/yyyy format. The default time values are 00:00 and 23:59 representing 12 a.m. and 11:59 p.m., and the default date values are the current date and exactly a month prior.

    • Click the Status filter to search the list by tokens that are in an Enabled or a Disabled state. Select one of the options.

  4. Click Apply to apply the filter and populate a list of API tokens that match the combination of filters you selected appear in the list.

  5. (Optional) Select the filter to open the dropdown box and modify your selection as needed.

  6. Click the bright blue X icon to the right of your selected filter to Clear all filters. To delete a single filter, click the darker blue X icon next to the individual filter.

Revoking, enabling, and disabling user API tokens

As an administrator, you can revoke, disable, or enable any API tokens on an account.

  • Revoking a token ends the validity of a user's token and ultimately deletes it from both the user account and the Token Management page. You may wish to revoke a token if the token has been compromised, or because the token is no longer in use. This is a permanent action; users must replace the token with a valid, active token in all locations it was previously used to continue making successful calls to the Platform API and Partner APIs.

  • Disabling an API token invalidates user authentication by the token. Therefore, disabling a token requires users to replace the token in all locations it was previously used in order to continue making successful calls to the Platform API and Partner APIs. Enabling an API token that has been disabled will reinstate the token's validity for user authentication.

Use the following steps to manage user API tokens on an account:

  1. Select Settings and click the Token Management tab under Boomi Platform API.

  2. In the list of API Tokens, click the Action icon next to the user API token you want to revoke. The Enable action shows only when the token has been previously disabled.

  • If you select Revoke:

    • A message displays asking for confirmation to revoke the API token.

    • Click OK to continue, or click Cancel to exit and return to the Token Management page without making changes.

  • If you select Enable or Disable:

    • Confirm the changes to the status of your API token by viewing the Status column on the Token Management page.
On this Page