TelemetryOS API tokens provide bearer authentication credentials for programmatic access to account resources and enable automated reseller account provisioning workflows. Each token represents a secure authentication credential with account-level permissions equivalent to the creating user's access scope.

API Token Architecture

API tokens function as long-lived authentication credentials that enable programmatic interaction with the TelemetryOS API without requiring username/password authentication. This architecture supports automation scenarios including CI/CD pipelines, monitoring integrations, and bulk device management operations.

Each token includes a descriptive name for identification and audit purposes. Token names should reflect the token's intended use case or the system that will consume it, enabling clear tracking of which integrations hold active credentials.

Token Security

API tokens implement single-view security constraints where the complete token value displays only once at creation time. This security model prevents token value retrieval after initial generation, reducing exposure risk in the event of account compromise.

Token values become permanently inaccessible after the creation interface closes. If a token value is lost or compromised, the security model requires token deletion and generation of a replacement credential. This approach ensures that token rotation follows explicit revocation rather than value retrieval.

Tokens should be stored securely in credential management systems (like environment variables, secret managers, or encrypted configuration files) immediately upon generation. The single-view constraint prevents casual token exposure in browser history, screenshots, or shared screens during normal operations.