Introduction

Bridgecrew API Tokens can be used for integration of the cloud platform with tools such as Checkov, CircleCI and our Visual Studio plugin. Tokens also allow you to use our APIs (for example, for Custom Policies or Triggering Scans).

Token Basics

• Tokens are specific per user and enforce the role and permission assigned to that user within the organization.
• Users who are designated as Owner can view tokens for all users and, if necessary, delete them.
• You can implement key rotation with our Token APIs for Create, Delete and List.

📘

Note

Note that legacy organization-wide tokens can still be used but we advise generating new tokens, per user.

Viewing, Adding and Deleting API Tokens

Adding an API Token

To create a new API token:

1. From Integrations or the menu at the top-right of Projects, select API Tokens.
2. Select New API Token.
3. Enter a Token Name and Description (optional) and select Create.

📘

Note

UUIDs are unique but Token names may be reused.

4. Copy and save your new Token in a secure location.
   It will not be available later.

5. Select Done.
   The new Token will be displayed in the Tokens Grid.

Viewing Tokens

After a single API Token has been created, when you select API Tokens from Integrations, you will see a list of existing API Tokens.

Deleting Tokens

To delete a Token, hover over the Token's creation date and select Delete.
You can delete your own token and an owner can delete other users’ tokens.