API Tokens
Last updated on 06 April, 2023API Tokens can be used to authenticate requests to LogicMonitor’s REST API. API Tokens (LMv1 and Bearer tokens) enable you to control which users in your account use the REST API, and monitor how often they are using it. For more information on API tokens (LMv1, Bearer) and best practices to use API tokens, see Application Authentication Overview.
Creating API Tokens
You can create two types of API tokens that are LMv1 tokens and Bearer tokens. These tokens are created on a per-user basis.
Important: Any user except an out-of-the-box administrator user role can create API tokens. Ensure to check the Allow Creation of API Token checkbox under Settings> User Profile.
Creating LMv1 Tokens
LMv1 token is a key-based authentication which allows you to authenticate API calls to the LogicMonitor platform. It consists of a key pair (access-id and access-key). Follow the steps to create LMv1 tokens:
- On the User Access page, select the API Tokens tab.
LMv1 tab is selected by default.
- Select
to create a LMv1 token.
Note: The LMv1 option is selected by default in the Token Type field. - In the User field, select an email address for log in process.
Once you select an email address, the Access ID and Access Key are automatically populated. - (Optional) Select the Copy button against the Access ID and Access Key.
Recommendation: Copy the Access key and save it to a secure location. - (Optional) In the Note field, enter a relevant note.
- Select Save.
The new LMv1 token is created and displayed in the table.
Creating Bearer Tokens
Important: Bearer tokens are available only to users who have enabled Traces (LM APM license).
Bearer tokens are designed to provide an authentication mechanism by which they can authenticate the API calls to the LM Platform. You can create Bearer token by following the below steps:
- In the User Access page, select the API Tokens tab.
- Select the Bearer tab.
- Select to create a Bearer token.
Note: The Bearer option is selected by default in the Token Type field. - In the User field, select an email address for log in process.
Once you select an email address, the Access ID and Access Key are automatically populated. - (Optional) Select the Copy button against the Access ID and Access Key.
Recommendation: Copy the Access key and save it to a secure location. - (Optional) In the Note field, enter a relevant note.
- Select Save.
The new Bearer token is created and displayed in the table.
Viewing API Tokens
The API Tokens Tab in Settings | User Access displays all API Tokens across all account users. For each token, you can see the associated user, roles, note, created on date, last used date and the enabled/disabled status. Sort by any column header, limit what is displayed to enabled tokens or search to quickly find what you’re looking for.
Searching and Sorting Tokens
Use the search field to search for the Access Id, user, role or note associated with one or more tokens. Select the ‘Show enabled only’ checkbox underneath the search field to only display enabled tokens. Select a column header to sort the displayed tokens by that column.
Disabling and Deleting Tokens
Uncheck the Enabled checkbox for a token to disable it. Disabled tokens can be re-enabled simply by selecting the “Enabled” checkbox.
You can delete tokens by selecting the “Delete” icon on the far righthand side of the API Tokens table.