Skip to main content

Access Tokens

Access tokens are a way of tracking activity within an active Stack and your key to using the Syndica API.

Creating an Access Token

Setting up an access token is easy, and you can have several at once to suit the needs of your DApp. To create a new Access Token navigate to the RPC section from your Stack's homepage and then follow the steps below:

  1. Navigate to an Access Tokens page from the left side navigation.
  2. Click on New Access Token in the top right corner

This will take you to the Create Access Token Wizard which will guide you through setting up your token.

Start by creating a unique nickname and setting a Time to Live (max is 1,000 days).

Next, select the resources that this token will be able to access. Selecting Default Elastic Node will automatically manage token access for you.

Finally, you can limit requests from IP address(es) and origin domain(s).

When setting the "Limit Requests by IP address(es)" option keep in mind the following:

  • It will restrict requests to the URL or IP that was specified in the previous step by IP Address
tip

If no IP address is specified, requests from all IP addresses will be accepted.

  • Or Limit Requests By Origin Domain(s)
tip

Note: Wildcard subdomains like *.example.com are supported. If no domain is specified, requests from all origins will be accepted.

Review your selections and click Create Access Token to finish setting up your token. You'll be taken to the details page for your newly created token where you can see important information such as the expiration date, the token itself, resources it's assigned to, and a guide on how to get started.

Revoking an Access Token

If you believe your token has been compromised, or you want to revoke its access for any reason, you can go to the tokens Detail Page and click the Revoke button in the upper right-hand corner. You'll be asked to confirm your action and once confirmed, that token will no longer have API Access.

warning

Revoking a token will immediately cause any API calls using that token to fail, so be sure to update your DApp with a new token before you revoke the old one.