You use OAuth refresh tokens to authorize actions per organization. The OAuth refresh token handles authorization more securely than an access key because it authorizes access per organization, and not across all your organizations. Use an OAuth refresh token to access the APIs of the cloud services platform and the VMware Cloud services.

About this task

An OAuth refresh token is valid for six months, after which time you regenerate it. If you feel the token has been compromised, you can revoke the token to prevent unauthorized access to the API. You generate a new token to renew authorization.

Procedure

  1. On the menu, click your user name and click OAuth Refresh Token.

    The first time you generate a token, the following screen appears.

  2. Click New Token.

  3. Click Copy to Clipboard and paste the token in your script.

    The token is valid for six months after which time you regenerate the token.

  4. To revoke the token.
    1. Click Revoke

      The token is rendered invalid.

    2. Remove the token from your script.
  5. To regenerate a refresh token.
    1. Click Regenerate.

      The token is revoked, and a new token is generated.

    2. Click Copy to Clipboard and paste the token in your script.