Skip to main content

How to create API Tokens

All Unleash APIs require authentication using an API token. The type of token you use depends on the API you are accessing and your specific use case.

Token types

Unleash supports four types of API tokens:

  • Backend tokens: Used to connect backend SDKs, Unleash Edge, and the Unleash Proxy to the Client API. Can be scoped to a specific project and environment.
  • Frontend tokens: Used to connect frontend SDKs to the Frontend API or Unleash Edge. These tokens are designed to be publicly accessible and have limited permissions. Can be scoped to a specific project and environment.
  • Personal access tokens: Tied to a specific user account. They are useful for testing, debugging, or providing temporary access to tools and scripts that need to interact with the Admin API.
  • Service account tokens: The recommended method for providing API access to integrations, automation tools, and other non-human users. Service accounts provide a more secure and manageable way to grant Admin API access.

Create an API token

Depending on your permissions, you can create API tokens in the Unleash Admin UI in four ways:

  • Admin settings > Access control > API access: for client or frontend tokens; requires the Admin root role, or a custom root role with API token permissions.
  • Admin settings > Service accounts > New service account: for creating a service account and assigning a token.
  • Settings > API access [inside a project]: for project-specific client or frontend tokens; permitted for project Members or users with a corresponding root role.
  • Profile > View profile settings > Personal API tokens: for personal access tokens.