1 of 7

API Tokens

The Marketplace Platform uses API tokens to authenticate requests to the REST API . Your API token must be included in the "Authorization" HTTP header with the "Bearer" prefix for authentication. For example, the following request could be used to retrieve a list of Buyers:

GET https://api.platform.softwareone.com/public/v1/accounts/buyers
Authorization: Bearer {TOKEN_VALUE}

Your API keys have permissions assigned to them, so keep them secure. Do not share your secret API keys in public areas like GitHub or client-side code. All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without authentication will also fail.

API tokens interface

Account administrators can access the API tokens page by navigating to the main menu and selecting Settings > API tokens.

The page displays all tokens that have been created in your account. For each token, you can view the following information:

API token - Displays the name of the token and its marketplace identifier.
Modules - Displays the total number of modules that the token has access to. In cases where only one module is within the scope, the module name is displayed.
Created by - Displays the name and marketplace ID of the person who created the token.
Date created - Displays the date and time when the token was created.
Last access - Displays the date and time when the token was last used.
Status - Displays the current status of the token. For more information on the status, see Token States.
Actions - Displays options that allow you to manage the API token. Depending on the status of the token, you can enable or disable a token, delete the token permanently, or edit token details.

Token details page

The details page of a token displays additional information about the token. You can open the details page by clicking the token name on the API tokens page.

What can I do on this page?

From the details page, you can complete the following tasks:

Edit an API token
Delete an API token
Enable or disable a token

When you open the details page, it shows the token's name, marketplace ID, and status. The page also contains the following tabs that display corresponding information:

General - Displays the token's description and allows you to show, hide, and copy the values.
Modules - Displays the modules that the API token has been granted access to within the scope of an account.
Details - Displays the date and time information for your selected token, for example, the date and time when the token was created.
Audit trail - Displays an audit trail of all changes and events within the token account. For each audit record, you can view the log details and summary. To learn more, see Audit Trail.

Token States

A token can have multiple states during its lifecycle in the Marketplace Platform.

The following diagram shows the possible states and the transition between these states:

These states are displayed as Status within the platform. They are also displayed as an icon beside the token name and ID on the details page.

Create API Token

The Marketplace Platform lets you create API tokens through the user interface (UI).

Create an API token

Follow these steps to create a token:

Navigate to the API token page (Settings > API tokens).
Click Add. The Add API token page opens.

In the General section, provide the following details and then click Next.
1. Logo - (Optional) Add an image for your token. You can select a file to upload or drop your file to the selection area. By uploading an image, you can easily identify your token from the list of tokens.
2. Name - (Required) Enter a name for your token.
3. Description - (Optional) Add a description token description.
In the Modules section, select the modules which the token will allow access to and click Next. Note that only the modules that SoftwareOne has enabled for your account are displayed in this section.

In the Overview section, review the details and click Add. Your token is created and the token summary is displayed.

Click View details to open the details page of your newly created token. Otherwise, click Close to close the page.

Edit API Token

You can update an API token’s description and change the access scope using the platform's user interface (UI).

Edit an API token

Follow these steps to update your token:

On the API token page (Settings > API tokens), find the token you want to update.
Do one of the following:
- Click the actions icon (•••) and select Edit.
- Click the token. When the details page opens, click Edit in the upper right. The Edit API token page opens.

Change the General settings as necessary:
- Name - Update the token's name.
- Description - Update the token description.
Update the access scope for the Modules as necessary. Use the checkboxes to select or clear modules as required.
Click Save. A confirmation message is displayed stating that your token has been updated.

Copy API Token

You can easily copy an API token if you need to use it in your application.

Copy an API token

Follow these steps to copy a token:

Navigate to the API token page (Settings > API tokens).
Find the token to copy and click the token name. The details page of your selected token opens.

From the General tab, do the following as needed:
- To copy the endpoint, click the copy icon for the API endpoint.
- To copy the token value, click the copy icon for the API token.
- To show the token value, click the eye icon. To hide the value, click the icon again.

A confirmation message is displayed when the values are copied successfully.

Delete API Token

If you no longer need a token, you can delete it through the platform's interface. Before deleting a token, note the following points:

A deleted token cannot be reinstated or reused.
Deleting a token removes it from the account, which means that the token is no longer displayed on the API Tokens page.

Delete an API token

Follow these steps to delete an API token:

On the API token page (Settings > API tokens), find the token you want to delete.
Click the actions icon (•••) and select Delete.

Alternatively, click the token name. When the details page of your selected token opens, click the down arrow next to Edit and select Delete.
In Delete API token, confirm that you want to delete the token.

A message is displayed stating that the API token has been deleted successfully.

Enable or Disable API Token

You can disable an API token temporarily and enable it again when required easily through the platform. Before disabling a token, note the following points:

Disabling does not but makes it inactive until it is enabled again. When a token is disabled, any attempts to access the endpoint return an error.
The Enable option is shown only if you've disabled the token previously.

Enable or disable a token

Follow these steps to manage the token:

On the API tokens page, find the token you want to enable or disable.
Click the actions icon (•••) and select Enable or Disable. The following image shows the Disable option:

Alternatively, click the token name. When the details page of your selected token opens, click the down arrow and select Enable or Disable.
Confirm that you want to change the status of your token.

A message is displayed stating that the operation is successful. You can view the updated status of your token in the Status column on the API token page.