All Collections
General Help
What is an API token and what is it for?
What is an API token and what is it for?
Written by Ben Keeling
Updated over a week ago

Imagine you're visiting a website, and you want to access certain features or data from that site. However, the website needs a way to make sure you're authorized to access those specific things. This is where an API token comes into use.

An API token is like a digital "key" that the website gives you. It's a unique string of characters that serves as a form of identification and permission. When you request access to certain parts of the website or its services, you include this token in your request. Think of it as showing your ID to a security guard before entering a restricted area.

The website's server receives your request, checks the API token you provided, and verifies whether you have the necessary rights to access the requested features or data. If the token is valid and has the appropriate permissions, the server allows your request and provides you with the data or functionality you asked for. If the token is invalid or lacks the necessary permissions, the server will deny your request.

This is why we will sometimes require your API token from a third-party website, as the third-party need to make sure we have the correct identification, and permission from you, in order to access your assets and to import them to our website, or export assets from our website to theirs.

In simpler terms, an API token is like a special pass that allows you to interact with a website's behind-the-scenes functions in a secure and controlled way.

It's commonly used to:

  1. Authenticate: Prove that you're a legitimate user and have the right to access certain parts of the website or its services.

  2. Authorize: Specify what specific actions or data you're allowed to access or manipulate.

  3. Secure: Protect sensitive data and functions by ensuring only authorized users can use them.

  4. Track Usage: Help the website keep track of who's using its services and how they're being used.

  5. Monitor Limits: Enforce usage limits, such as the number of requests you can make within a certain time period.

So, when we ask for your API token for third-party websites when you are using the website, think of it as us asking for your digital key that lets us unlock specific doors, and access the services we need to, in order to receive your assets, whilst also keeping everything secure.

Did this answer your question?