Skip to main content

API keys and PAT tokens

API keys and PAT tokens are authentication methods enabling you to manage your data via REST API.

Project API keys

info

The API key format was changed in version 2.38.0. Now all API keys have the tgpak_ prefix. However, if you provide legacy API key to the header or to query param, it will be accepted.

Project API keys are useful to manipulate project resources like keys, translations, or screenshots. You can use them as an authentication method for Tolgee integration libraries.

The Project API key

  • Authorizes access to single project resources
  • Allows specifying permitted scopes

You can manage all your API keys via the Project API keys section in the user account menu. To access your API keys, open user menu (Avatar in Top right) and select Project API keys.

In this section you are able to generate, edit, delete or regenerate your keys.

Generation

Project API keys can be generated by accessing user menu (Avatar in Top right) > Project API keys > + ADD button.

Then you can generate a project API by filling in required fields and selecting scopes.

API key generation

Regeneration

If you want to obtain a new Project API key value, you can regenerate it by clicking the REGENERATE button. Then you can select new expiration date.

Usage

To access REST API endpoints with a Project API key, you can provide the API key via the X-API-Key header or via the ak query param. We don't recommend using the ak query param anymore, since it can be stored in server logs.

Example using header (recommended):

curl "https://app.tolgee.io/v2/api-keys/current" -H "X-API-Key: tgpak_mmztgz2hmaxts2rynu3w6zlkobsksksnfvg6mlrgq2gc2dq"

Example using query param (not-recommended):

curl "https://app.tolgee.io/v2/api-keys/current?ak=tgpak_mmztgz2hmaxts2rynu3w6zlkobsksksnfvg6mlrgq2gc2dq"

Personal Access Tokens (PAT tokens)

PAT tokens authorize a user to work with all resources the user has access to, except resources managing the PAT tokens and other sensitive endpoints.

info

The Personal Access Tokens were released in version 2.38.0.

You can manage all your Tokens via Personal Access Tokens in the user account menu. To access your API keys, open user menu (Avatar in Top right) and select Personal Access Tokens.

Generation

Project API keys can be generated by accessing user menu (Avatar in Top right) > Personal Access Tokens > + ADD button.

API key generation

Regeneration

If you want to obtain a new Token value, you can regenerate it by clicking REGENERATE in the Personal Access Tokens section. Then you can select a new expiration date.

Usage

To access REST API endpoints with an API key, you can provide the token via header.

Example using header:

curl "https://app.tolgee.io/v2/user" -H "X-API-Key: tgpak_1ie2r677h65bjlb903m5go6bp9k8j6uf7r3v5cs9roacjac4ccuu"