Authorisation & Permissions
API tokens have access to everything in your Claimable account.
API tokens assume admin-level privileges and therefore grant access to all the data in your Claimable account, without the same role-based protections that apply to normal users.
There are no granular roles or permissions for API tokens and they authorise the bearer to access all endpoints and perform all API operations, so you should treat them as you would an admin or super-user password!
API Token Security
Always keep your API tokens confidential and never share them outside your company or commit them to source control.
See Securing API Tokens for guidance and best practice.
Updated about 4 years ago
What’s Next