How to create and revoke API tokens


Front's API settings give you the controls you need to manage active API tokens and what resources they can access. Define the access permission scope when you create a new token, monitor your active tokens, and delete them to revoke access at any time.

For details on some of the key use cases of the Front API, check out the API overview article.

Once you've created your token by following the steps below, continue with the developer documentation to learn more about how to make your first API requests.

You must be a Front company admin to manage API tokens.


Create a new token 

Step 1

Click the gear icon on the top right of Front and into the Company settings tab, and select Plugins & API from the left menu.

Step 2

Click the API tab.

Step 3

Click New Token to create a new API token.

Step 4

Set a name and permission scope for the token. To give API access to all team resources, choose Shared resources, or learn about the other permissions scopes below.

Step 5

Click Create.

Step 6

You will now see this token in your list of tokens. Click on the token to access and copy it for use. Learn more about how to use your API token in our Getting Started with the API documentation.

Revoke a token

Step 1

Find the token you want to revoke in your list of tokens, and click the token to open its settings.

Step 2

Click Revoke access to delete the token and revoke its access.

Revoke a partner integration token

When you connect a 3rd party integration with Front via OAuth, you will see the token for that integration listed under Apps with Access. To revoke access for a certain integration, click that token and follow the steps above.

Note: You cannot create a 3rd party OAuth token in your Front API settings — these are only created when you grant access to an integration in the partner's authentication flow.

Token permission scopes

When creating a token, you can choose the appropriate permission scope for what data the API can access in your team's account: 

Shared resources: Access to all team resources. If you use multiple Teams, this option gives API access across all Teams.

Private resources: Access to private resources (individual channels, contacts, conversations, inboxes, messages, rules and tags) of your individual users. However, each user must also grant permission for the API to access their private resources in their individual preferences, or you can do this for them in the Teammates section.

Provisioning: Used to allow control over teammate access to teams and inboxes as well as manage shifts in the public API

Auto-provisioning: Access to Front's SCIM server, which is used to sync users across various systems. You will only see the Auto provisioning option if you have a Scale plan.

Team: {Team name}: Access to team resources only for that particular Team. You will only see Team options if you have purchased the Teams feature for your Front account. 

Reply Oldest first
  • Oldest first
  • Newest first
  • Active threads
  • Popular
Like Follow
  • 6 mths agoLast active
  • 3758Views
  • 1 Following