Access Tokens are shared secrets between the account user and Beebotte. They grant their holder access to Beebotte API. The user is responsible for keeping them safe.
In order to revoke access granted to a token, the user can:
A Channel Token can be regenerated using the Web Console by selecting Create new token
from the channel settings drop down.
Beebotte API gives the possibility to regenerate Channel Token
programmatically. Channel Token authentication provides read and write access to only one channel: the one the token is associated with. If you think the token was compromised
, you can simply regenerate a new token for the corresponding channel. This can be done as follows:
Channel Token Regeneration operation require authentication
using the account API and Secret Keys
or using an IAM Token
with admin:channel:write
access.
Regenerating a new channel token will invalidate the old token. Any connection using that old token will be dropped. Don't forget to update your application or connected devices with the new token following the regeneration.
bclient.regenerateChannelToken('channel1', function(err, channel) { if(err) console.log(err); // On success channel.token is the new generated token console.log(channel.token); });
channel = bclient.regenerateChannelToken('channel1') ## channel.token is the new generated token print channel.token
// This operation is not available yet!
// This operation is not available yet!
IAM Tokens can be managed from the Access Management
tab in the Account Settings
page. A token can be revoked simply by clicking on revoke
button in IAM tokens list.
Beebotte API gives the possibility to revoke IAM Tokens
programmatically. IAM Tokens provides custom access to Beebotte. If you think the token was compromised
, you can simply revoke it. This can be done as follows:
Revoking an IAM Token requires authentication
using the account API and Secret Keys
or using an IAM Token
with admin:iam:write
access.
Revoking an IAM Token will delete it completely from the user account. Any connection using the revoked Token will be dropped.
bclient.deleteIAMToken('tokenid', function(err, tkn) { if(err) console.log(err); // On success the token will be deleted });
# This operation is not available yet!
// This operation is not available yet!
// This operation is not available yet!