API Token Create Form
API token form with scope checkboxes, an admin warning line, expiry select, and a shows once footer notice.
API token form with scope checkboxes, an admin warning line, expiry select, and a shows once footer notice.
The Application Collection unlocks the source for every Application block. All Access unlocks every Collection.
Already purchased? Log in
API Token Create Form is the token generation surface: a name Input with the audit log note (shown next to everything this token does), scope Checkbox rows in a divided list (Read checked, Write checked, Admin unchecked), and an expiry Select defaulting to 90 days. The Admin scope carries its own warning line: admin can delete projects and rotate other tokens, most integrations never need it. The no-expiry option is labeled plainly in the Select: no expiry (allowed, audited, discouraged).
Scopes are a const array with checked, description, and warning fields. The footer states the shows-once rule clearly: the token is shown once, right after creation, we store a hash, never the token itself.
Reach for this block on the developer settings or API access page, wired to POST /tokens. Display the raw token value in a copy-to-clipboard dialog immediately after creation and then never again.
A natural flow around it on an Application Pro page:
Before
After
One strong use is the personal API token creator. Other token forms:
Tip: put the shows-once warning in the footer before the button, not in a toast after; users need to see it before they click.