Create and Manage API Tokens
API tokens let you communicate with Mondoo's GraphQL API. With API tokens, programs can authenticate with the Mondoo API, which is useful for incorporating Mondoo in different workflows and automation.
The API token you generate can provide access to a single space or all spaces within an organization.
Only team members with Editor or Owner access can perform this task.
Generate an API token for access to a single space
-
Navigate to the space in which you want to create an API token.
-
In the left navigation, select Settings. Then select the API Tokens tab.
-
Select the plus symbol on the right of the page.
-
Enter a unique name and description for the token that help you recognize its purpose.
-
Check the Mondoo permissions you want to give to programs that use this token:
-
Viewer permissions let the program browse most information in the space but not make changes.
-
Editor permissions let the program make all changes possible in the space except deleting the space or reporting scan results.
-
Owner permissions let the program make all changes possible in the space except reporting scan results.
-
Agent permissions let the program read and use policy bundles and query packs and report the results to the space.
-
-
Select GENERATE API TOKEN.
Generate an API token for access to all spaces in an organization
-
Navigate to the organization in which you want to create an API token.
-
In the left navigation, select Settings. Then select the API Tokens tab.
-
Select the plus symbol on the right of the page.
-
Enter a unique name and description for the token that helps you recognize its purpose.
-
Check the Mondoo permissions you want to give to programs that use this token:
-
Viewer permissions let the program browse most information in all spaces in the organization but not make changes.
-
Editor permissions let the program make all changes possible in all spaces in the organization except reporting scan results or deleting the organization or spaces.
-
Owner permissions let the program make all changes possible in the space except reporting scan results.
-
Agent permissions let the program read and use policy bundles and query packs and report the results to spaces in the organization.
-
-
Select GENERATE API TOKEN.
Change an API token's permissions
-
Navigate to the organization or space containing the API token.
-
In the left navigation, select Settings. Then select the API Tokens tab.
-
Search for or scroll to the API token you want to change and select it.
-
Select the PERMISSIONS button.
-
Change the permissions as desired. To learn about each permission, read the previous sections.
-
Select the SET PERMISSIONS button.
Delete an API token
-
Navigate to the organization or space containing the API token.
-
In the left navigation, select Settings. Then select the API Tokens tab.
-
Search for or scroll to the API token you want to delete and select it.
-
Select the DELETE button and select the DELETE button to confirm.