Manage API tokens | Secure | Northflank Application docs

Secure /

Manage API tokens

An API token authenticates a user or program to an application programming interface (API).

The Northflank API uses JSON Web Tokens (JWT) for authentication.

Tokens can be issued with different levels of authorization defining which resources in the API the user or application with the token can access and which operations can be performed on those resources, e.g. resource Projects, permission Read.

Northflank API tokens apply across projects by default, but can be restricted to specific projects.

Creating an API token in the Northflank application

Create a token

You can create an API token from the tokens page in account settings.

Click here to create a new API token.

If you are creating an API token for use on a user account, you can simply configure the required permissions for the individual token.

If you are creating an API token for use in a team account, you will need to select the appropriate API role to create the token from.

Use a token

To use your API token simply copy the token from either the list or the edit token page and pass it into your application.

You should use environment variables to inject sensitive secrets into your applications.

Your application will now have access to your Northflank projects and services as granted by the token.


Never share your API token or commit it to a repository!

Edit a token

You can edit an API token on your personal account by clicking through to the token from the list and updating the desired permissions and restrictions. You can also delete the token, which will remove access from any applications currently using it.

Team members cannot edit individual API token settings, only API roles can be edited by team members with the correct permissions.