Access Token Management – Create and Assign a TBA Token
Users assigned a customized role that has the Access Token Management permission can create, assign, and manage a token for other users (except tokens for an Administrator role) in the company. For example, they can assign a token to those users who are assigned a role with only the Log in using Access Tokens permission. Administrators can create tokens for themselves, but not for other Administrators. TBA tokens do not expire. However, it is a good practice to revoke a token after some time, and create a new one.
Tokens created in your production account are not copied to your sandbox during a refresh. To test token-based authentication in your sandbox, you must create tokens in the sandbox account. Each time your sandbox is refreshed, you will need to create new tokens in the sandbox.
To create and assign a TBA token:
-
Log in as a user with the Access Token Management permission.
-
Go to Setup > Users/Roles > Access Tokens.
-
On the Access Tokens page, click New Access Token.
The Access token page appears.
-
On the Access Token page:
-
Select the Application Name.
-
Select the User.
-
Select the Role.
-
The Token Name is already populated by default with a concatenation of Application Name, User, and Role. Enter your own name for this token, if preferred.
-
-
Click Save.
The confirmation page displays the Token ID and Token Secret.
Warning:For security reasons, the only time the Token ID and Token Secret values are displayed is on the confirmation page. After you leave this page, these values cannot be retrieved from the system. If you lose or forget these credentials, you will need to create a new token and obtain new values.
Treat these values as you would a password. Never share these credentials with unauthorized individuals and never send them by email.