Mirrors/unleash.unleash
1
0
Fork 0
mirror of https://github.com/Unleash/unleash.git synced 2025-02-04 00:18:01 +01:00
Code Issues Projects Releases Wiki Activity

More updates to API tokens file

Browse Source
This commit is contained in:
melindafekete 2025-01-29 11:21:40 +01:00
parent a19288565a
commit 24815f5240
No known key found for this signature in database
1 changed files with 15 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
website/docs/reference/api-tokens-and-client-keys.mdx
View File

@ -3,13 +3,12 @@ title: API Tokens and Client Keys
pagination_next: reference/front-end-api pagination_next: reference/front-end-api
--- ---
Unleash uses a system of API tokens and client keys, to facilitate communication between consuming clients such as [SDKs](../reference/sdks), [Edge](../reference/edge) or other tools and automation. Unleash uses API keys to facilitate communication between consuming clients such as [SDKs](../reference/sdks), [Edge](../reference/edge) or other tools and automation.
Unleash supports the following types of API tokens and keys: Unleash supports the following types of API tokens:
- [Client tokens](#client-tokens) for connecting server-side client SDKs, Unleash Edge, and Unleash Proxy to the Unleash server. - [Client tokens](#client-tokens) for connecting server-side client SDKs, Unleash Edge, and Unleash Proxy to the Unleash server.
- [Frontend tokens](#frontend-tokens) for connecting client-side SDKs to Unleash using the Frontend API. - [Frontend tokens](#frontend-tokens) for connecting client-side SDKs to Unleash using the Frontend API.
- [Personal access tokens](#personal-access-tokens) for testing and debugging or providing temporary access to an automation tool. - [Personal access tokens](#personal-access-tokens) for testing and debugging or providing temporary access to an automation tool.
- [Proxy client keys](#proxy-client-keys) for connecting client-side SDKs to Unleash using Unleash Proxy.
## API token types ## API token types
@ -26,7 +25,7 @@ Client tokens cannot be used in Frontend SDKs, use [Frontend tokens](#frontend-t
### Frontend tokens ### Frontend tokens
Use Frontend tokens for connecting [frontend SDKs](../reference/sdks#front-end-sdks) using the [Unleash Frontend API](./front-end-api). They grant the user permission to: Use frontend tokens for connecting [frontend SDKs](../reference/sdks#front-end-sdks) using the [Unleash Frontend API](./front-end-api). They grant the user permission to:
- Reading enabled flags for a given context - Reading enabled flags for a given context
- Registering applications with the Unleash server - Registering applications with the Unleash server
- Sending usage metrics - Sending usage metrics
@ -67,9 +66,7 @@ Admin tokens grant full read and write access to all resources in the Unleash se
::: :::
### Client and Frontend tokens The following table provides a summary of what ...:
The following table provides a summary of what roles and permissions allow a user to view, create, update, or delete Client and Frontend tokens in Unleash:
| Role/Permission | Details | | Role/Permission | Details |
|---------------------------------------------------|-------------------------------------------------------------------------| |---------------------------------------------------|-------------------------------------------------------------------------|
@ -78,10 +75,7 @@ The following table provides a summary of what roles and permissions allow a use
| **Member Project Role** | Can view, create, update, or delete tokens within the project. | | **Member Project Role** | Can view, create, update, or delete tokens within the project. |
| **Custom Project Role with API Token Permission** | Can view, create, update, or delete tokens within the project with the corresponding permission. | | **Custom Project Role with API Token Permission** | Can view, create, update, or delete tokens within the project with the corresponding permission. |
| **Viewer Root Role** | Cannot view, create, update, or delete tokens. | | **Viewer Root Role** | Cannot view, create, update, or delete tokens. |
| **Any Role** | Can create pesonal access tokens. |
### Personal access tokens
Any user can create personal access tokens that mirror the permissions they have.
## API token format ## API token format
@ -97,8 +91,6 @@ The parts are separated by two different separators: A colon (`:`) between the p
{{projects}}:{{environment}}.{{hash}} {{projects}}:{{environment}}.{{hash}}
``` ```
The **project(s)** part is one of:
The project value of the token can be one of: The project value of the token can be one of:
- A single project ID, for example `default`: when the token can only access a single project. - A single project ID, for example `default`: when the token can only access a single project.
- `[]`: when the token is valid for a specific set of projects*. The list of projects is not shown in the token. - `[]`: when the token is valid for a specific set of projects*. The list of projects is not shown in the token.
@ -108,7 +100,7 @@ The environment is the name of an environment on your Unleash instance, such as
Personal access tokens start with the string `user`, and do not contain additional project or environment information. Personal access tokens start with the string `user`, and do not contain additional project or environment information.
Some example client tokens are: Some example API tokens are:
- A token with access to the `development` environment of a single project, `new-checkout-flow`: - A token with access to the `development` environment of a single project, `new-checkout-flow`:
``` ```
@ -136,10 +128,18 @@ be44368985f7fb3237c584ef86f3d6bdada42ddbd63a019d26955178
## Create an API token ## Create an API token
.. some detailed steps here ### Create an API token
### Create a personal access token
## Proxy client keys ## Proxy client keys
:::warning
Unleash Proxy is in maintanance mode. Use [Unleash Edge](../reference/edge) instead.
:::
Use proxy client keys to connect [Frontend SDKs](../reference/sdks#front-end-sdks) to [Unleash Proxy](../reference/unleash-proxy). Proxy client keys are not considered a secret and are safe to expose client-side. Use proxy client keys to connect [Frontend SDKs](../reference/sdks#front-end-sdks) to [Unleash Proxy](../reference/unleash-proxy). Proxy client keys are not considered a secret and are safe to expose client-side.
Proxy client keys are arbitrary strings that you provide the Unleash proxy with on startup. They can be any string you choose, and you create them yourself. Proxy client keys are arbitrary strings that you provide the Unleash proxy with on startup. They can be any string you choose, and you create them yourself.
@ -150,5 +150,4 @@ To designate a string as a proxy client key, add it to the `clientKeys` list whe
::: :::
Proxy clients keys cannot be used to connect to the Unleash API, use [API tokens](#api-tokens) instead. Proxy clients keys cannot be used to connect to the Unleash API, use [API tokens](#api-tokens) instead.