HomePlatformSDKRelease Notesllms.txt
Platform Components/Security and Auth

Application access tokens

Guide to managing application access tokens in SettleMint

Application access tokens let you connect your SettleMint services with other apps securely. They represent your application, not individual users, and can be created by both admins and users. They can be used to connect to all or selected services of an application.

Create an application access token

Go to your application's dashboard and click on "App access tokens" in the left navigation.

Click on the "Add an application access token" button. This opens a form where you can create your application access token.

  1. Choose a name for your application access token.
  2. Select an expiration date. You cannot update this later.
  3. Select a scope type. There are two types of scope: All or Specific.
    1. If you selected All, you grant access to all services of the application. If you add more services to the application later, this access token will grant access to these new services as well.
    2. If you selected Specific, you can choose which specific services this access token will grant access to.
    3. You can also update the scopes of your application access token later.
  4. Click Confirm to create your application access token.

Copy and save your token securely - you won't see it again. Treat it like a password and keep it secret.

Update an application access token

Navigate to the application whose token you want to update.

  1. Click App Access Tokens in the left navigation, you will see a list of all application access tokens for this application.
  2. Click on View scopes of the token you wish to update. This will first open a list where you can view the current scopes of the token.
  3. Click on Update in the bottom right corner to open a form where you can update your application access token.
  4. Choose the new scopes for your application access token.
  5. Click Confirm to update your application access token.

Delete an application access token

If you are worried that an application access token has been compromised, or you no longer use the integration for which you had generated a particular application access token, you can delete that application access token.

  1. Navigate to the application dashboard whose application access tokens you wish to delete.
  2. Click App Access Tokens in the left navigation.
  3. Click Delete next to the application access token you want to delete.
  4. Type DELETE to confirm. The application access token will no longer be usable.

Use an application access token

You can use these application access tokens in three ways depending on what works for your use case.

  • As a header, you can use the header x-auth-token: TOKEN.
  • As a query parameter using https://myservice.settlemint.com/?token=TOKEN appended to any URL.
  • As the last part of the URL https://myservice.settlemint.com/TOKEN.
    • For IPFS nodes build your uri so it becomes https://myservice.settlemint.com/TOKEN/api/v0/...
    • For Avalanche and Fuji build your uri so they look like https://myservice.settlemint.com/ext/bc/C/rpc/TOKEN

Personal access tokens

Guide to managing personal access tokens in SettleMint

Audit logs

Guide to using audit logs in SettleMint