You use API tokens to authorize actions per organization. Previously referred to as OAuth Refresh tokens, an API token handles authorization more securely than an access key because it authorizes access per organization, and not across all your organizations. Use an API token to access the APIs of the cloud services platform and the VMware Cloud services.

An API token is valid for six months, after which time you regenerate it. If you feel the token has been compromised, you can revoke the token to prevent unauthorized access to the API. You generate a new token to renew authorization.

Procedure

  1. On the VMware Cloud Services toolbar, click your user name and select My Account > API Tokens.

    The first time you generate a token, the following screen appears.

  2. Click New Token.
  3. Click Copy to Clipboard and paste the token in your script.

    The token is valid for six months after which time you regenerate the token.

  4. To revoke the token:
    1. Click Revoke

      The token is rendered invalid.

    2. Remove the token from your script.
  5. To regenerate a refresh token:
    1. Click Regenerate.

      The token is revoked, and a new token is generated.

    2. Click Copy to Clipboard and paste the token in your script.