In Trustcenter you can generate and use various types of tokens.
- Tennant-wide 'personal access tokens'. They are generally destined to be used by physical people. You create them in your profile. Each user can create and visualise their personal access tokens, Nobody else but this user can list, delete, rename the PAT. You can see them in the User role table in the end of the table.
- Tennant-wide API keys - those are "read only API keys" but in the new TC they can be also "read & write". They are generally destined to be used by machines, CICD pipelines. You can only see the API key string or personal token string itself on creation, this is supposed to be a secret. However everyone can list "metadata" of those keys. They are composed of "signer_id" and a hash.
- Project-wide : These are the ones we are calling 'API keys'. Can be "read only" or "read & write". They are generally destined to be used by machines, CICD pipelines. You can only see the API key string or personal token string itself on creation, this is supposed to be a secret. However everyone can list "metadata" of those keys. They are composed of "signer_id" and a hash.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article