Skip to main content

Generating Tokens and Keys

Customer knowledge baseAccount Settings

Generating Tokens and Keys

You can use tokens and keys for different functions in your CacheFly services.

  • For CacheFly API 2.5 calls, use an API Token

  • For CacheFly API 1.0 calls, use a Legacy API Key

  • For ProtectServe URLs, use a ProtectServe Key.

You can generate one or multiple API Tokens with different permissions, and use the API Token of your choice for an API 2.5 call across your account for any service.

By comparison, a service-specific Legacy API Key (API 1.0) and a service-specific ProtectServe Key are generated automatically by CacheFly for each CacheFly service that you create.

Find out more about enabling and using a Legacy API Key for a given service.

Find out more about enabling and using a ProtectServe Key for a given service.

Generating an API Token

When an external application makes a CacheFly API 2.5 call, the API Token in the call identifies the application and its access rights to CacheFly.

This token is a bearer token, meaning that any entity that possesses the token can use it for the associated CacheFly access rights.

The API token is therefore confidential information to be kept securely for use by only an authorized application.

Where to Add an API Token

To add an API Token:

  • Log in to the CacheFly portal

  • Navigate to the Administration top-level menu

  • Click on the API Tokens menu item.

A list of your currently defined API tokens appears.

How to Add an API Token

In the screen that lists your existing API Tokens (Administration > API Tokens):

  • Click on the + Generate Token button at the top right

  • Or, if you are adding your first API Token, on the + Add new API Token button in the center of the screen.

A popup window prompts you to enter your name for the new token and your choices for the following:

  • Access to Services: Choose either All Services or Selected Services. If you choose Selected Services, a checklist appears with the names of your currently defined services. You can check a box to select a service or uncheck the box to deselect it.

  • Permissions for Services: Choose between View Only, Manage, and Manage and Purge.

  • Other Contents: Choose between View Only for all contents, Manage for all contents, and Customize to define specific access and permissions for individual types of content. If you choose Customize, you can change individual settings in the grid below for specific types of content.

After defining the name of your token, click on the Generate Token button at the bottom of the popup window to generate the token.

Scroll the graphics in this step horizontally to see all the screens.

Copying the Token String

When you generate a new API Token, a popup window confirms successful generation.

The ASCII string corresponding to the token also appears in the popup window for you to copy and keep securely.

Click on the Copy Token button to copy the token string to your device clipboard. An on-screen message will confirm that the token has been copied.

Close the popup window by clicking on the X in the top right of the window.

Managing Your API Tokens

Existing and new API Tokens appear in the list of API Tokens (Administration > API Tokens).

By clicking on the name of a token, you can click on items that appear in a menu on the left of the screen to:

  • Display the DETAILS of the token and a Reveal Token button to let you display and copy the ASCII string of the token

  • Display and change the PERMISSIONS for an existing token

  • Delete the token by clicking on the Delete button in the top right of the screen.

Additional Help Topics