The main difference between tokens obtained via API call or border0 login method is their scope and expiry. Token created by issuing border0 login inherit the privilege level of supplied credentials/account and have a short lifetime.

Static Access Tokens, on the other hand, have their privilege scope defined at creation and do not expire until the configured expiry time or when they are deleted/revoked.

Creating an API Access token

To create a token using the portal, navigate to "Organization Settings" on the left menu panel.
After that, select "Access Tokens" and then click the "New" button on the top of the Access Tokens page.

🚧

Remember to Copy the token to clipboard

you will not be able to retrieve it again

📘

Your Admin Token should like this

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJteS1hd2Vzb21lLW9yZy1pZCIsInR5cGUiOiJ0b2tlbiIsInVzZXJfaWQiOiJ0aGlzLWlzLW15LXVzZXItaWQifQ.m6sk5616to2_y_Y4hA2BbjCD_a_h64A7Rs6hWbUWS4k

🚧

TOKENS are secrets!

Make sure you handle and store tokens with appropriate security tools and protocols

There are two types of tokens, member, and admin

• Admin tokens, as the name suggests, have full account privileges.
• Member tokens can create, connect and delete sockets. They can also view everything in the organization. But cannot escalate themselves to admin or make any other organization setting changes.

Using API Access tokens

Tokens can be used in the connector config file, or when using the border0 cli.

To use your newly created access token with the border0 cli you need to make the token available as an environment variable called BORDER0_ADMIN_TOKEN

For examples:

export BORDER0_ADMIN_TOKEN=<TOKEN>
border0 socket ls

or

BORDER0_ADMIN_TOKEN=<TOKEN> border0 socket ls