Personal Access Tokens

If you would like to access data only for your account and don’t want to expose your API client or integration to other Appfigures users, you can use a Personal Access Token to authenticate with the API. A Personal Access Token is an OAuth 2.0 token that you issue yourself manually without having to implement a full OAuth 2.0 flow into your API client. After generating the token, you pass it along with your requests like you would an OAuth 2.0 Bearer token.

Generating a Personal Access Token

Each Personal Access Token is associated with an API Client, so you will need to create one in your Appfigures account.

After that, you can open the details of any key in your account and select “Create Personal Access Token”. The token you are given can be used to make API requests on behalf of you and the API Client. Make sure to treat it as you would a password and to save it somewhere safe, as there is no way to see the token again after it is issued.

Using a Personal Access Token

Assuming we have generated a token pat_1234 above, we can pass it in the Authorization header just as we would with an OAuth 2.0 Bearer token.

    >> Request
    Authorization: Bearer pat_1234
    << Response
    200 OK
      "status": "200",
      "message": "OK",
      "see": "",
      "version": "2.0",
      "user": {
        "id": 42,
        "name": "Test User",
        "email": "",
        "avatar_url": ""
      . . . snip . . .