Adding a Bearer Token

Last updated on 05 September, 2023

Important: Bearer tokens are available only to users who have enabled Traces (LM APM license).

Users are required to authenticate themselves with a bearer token before making LogicMonitor REST API v3 requests. It is a combination of multiple alpha numeric characters and is auto generated by LogicMonitor. Currently, you can use bearer token to authenticate LogicMonitor REST API v3 only.

You do not have to buy special license to get a bearer token. As a LogicMonitor customer, when you buy a license for a device such as cloud device, physical device, or device of any other type, you are eligible to get a bearer token. Also, you do not need a specific role to get the token. It is unique for each user.

Unlike LMv1 token that needs a combination of current date and time to authenticate, bearer token is not dependent on date and time for authentication. It does not expire or generate a random code that you have to use for authentication. Once you get the bearer token, you have to add it to the API requests just once. Later on, LogicMonitor REST API code will reuse the token without you having to enter it every time. As a developer using LogicMonitor REST API, you need not develop authentication header or write commands to authenticate yourself. Thus, bearer token not only saves time, it also saves development efforts. 

High Security Standards of Bearer Token

Bearer token has been designed and developed to ensure customer data security. Refer to the following points to understand the security strength of bearer token:

  • Bearer token is fully visible in LogicMonitor only at the time of its generation. That’s the only chance to copy it at a secure location. Next time onwards, the token is partially masked.
  • The token is unique for each user and therefore, non-transferable. Thus, nobody can misuse it because it is partially masked and other than the rightful owner, authentication will fail.
  • Bearer token is system generated and hence, it cannot be edited.


You must have the Allow Creation of API Tokens permission to access the API Tokens tab and to generate a bearer token.

Adding a Bearer Token

Bearer tokens are designed to provide an authentication mechanism by which they can authenticate the API calls to the LM Platform. You can create Bearer token by following the below steps:

  1. In LogicMonitor, navigate to Settings > User Access > Users and Roles > Bearer Token tab.
  2. Select the Add Bearer Token + icon. The Add Bearer Token page appears.
  3. In the User field, select a user with role having DataIngestion permission for adding bearer token.
    Once you select a user, the bearer token is automatically populated in the Token field. 
  4. (Optional) Select the Copy button against the Token
    Recommendation: Copy the bearer token and save it to a secure location. 
  5. (Optional) In the Note field, enter a relevant note. 
  6. Select Save.
    The new Bearer token is created and displayed in the table.

Managing Bearer Token

You can manage your bearer token in few quick steps. In this section, you will learn to delete, enable, and disable your token.

Deleting Bearer Token

You must consider the following points before deleting your token:

  • Once a bearer token is deleted, it cannot be retrieved.
  • All the existing API requests where you have provided the bearer token will fail after the token is deleted. 

However, if you delete your existing bearer token, you can generate a new token and resume to authenticate LogicMonitor REST API requests.

Follow these steps to delete your bearer token:

  1. Navigate to Settings > Users and RolesBearer tab. A list of bearer tokens is displayed.
  2. Search for your bearer token.
  3. Select Delete  corresponding to your bearer token. A message confirming deletion is displayed.
  4. Select Ok

Enabling and Disabling Bearer Token

On the Bearer token table, the Enable check box for each bearer token indicates if the token is enabled or not. However, as per need, you can disable and then re-enable your bearer token.

  • Enabling bearer token – You can authenticate API requests only if the bearer token is enabled. Once a bearer token is generated, by default, it is enabled.  
  • Disabling bearer token – Clear the Enable check box for your bearer token. All the existing API requests where you have provided the bearer token will fail after the token is disabled. 
  • Re-enabling bearer token – Select the Enable check box for your bearer token to re-enable.
  • Viewing only enabled bearer tokens – From the Add Filter, select All. Then, from the Show filter, select the Enabled check box to view enabled bearer tokens. If you clear the check box, you can view both enabled and disabled bearer tokens.

Using Bearer Token on the User Interface

You can use bearer token to authenticate yourself while making API requests. You must carefully paste the bearer token in the Token field without adding blank space or extra characters.

In This Article