API Tokens

Updated at: 08-06-2026 • 1 min read

Go to section

API Tokens
Creating a Token
Using the Token
Usage Monitoring
Integration Tokens
Security

API Tokens

API tokens enable request authentication without logging in — used by integrations, scripts, and external applications.

Creating a Token

When creating a token, you set:

Name — description of the token’s purpose (e.g., “CRM Integration”, “Import Script”)
Code — unique token identifier within the account
Permissions — optional restriction of the token to selected permissions. A token without restrictions has the same permissions as the user who created it
Expiration date — optional date after which the token stops working
Status — active/inactive

Using the Token

You pass the token in HTTP requests in one of two ways:

Authorization: Bearer TOKEN

or as a URL parameter:

?api_token=TOKEN

Usage Monitoring

The system tracks:

Date of the token’s first use
Date of last use
Number of calls

Integration Tokens

Some integrations (e.g., with external services) generate their own tokens with an integration code. Each integration can have at most one token per account.

Security

The token is fully visible only at the moment of creation — afterward, only a hash (fingerprint) is stored
Unused or expired tokens should be deactivated
Tokens with limited permissions are more secure than full-access tokens

Organization

Mail

Helpdesk

WebChat

CRM

Knowledge Base

Forms

CMS

Account

Calendar

Noe

VoIP

Billing

Drive

Feedback

API Tokens

Go to section

API Tokens

Creating a Token

Using the Token

Usage Monitoring

Integration Tokens

Security

Comments