Access Token
An access token is an opaque string that identifies a user or a user's privileges and can be used by applications to make API calls to WOZTELL.
Scope Permissions
The token includes information about when the token will expire and which user generated the token. There are different scopes and permissions of access tokens to support different use cases:
| Access Token Type | Description |
|---|---|
| bot:admin | Grant all Bot APIs access |
| bot:sendResponses | Grant permissions to send responses on behalf of bot |
| bot:redirectMemberToNode | Grant permissions to redirect member to node on behalf of bot |
| api:admin | Grant all APIs access |
| integration:admin | Grant all Integration APIs access |
| integration:write | Grant permissions to create & update Integration |
| integration:delete | Grant permissions to delete Integration |
| file:admin | Grant all File APIs access |
| file:waGet | Grant permisisons to get file url by WhatsApp media ID |
| member:admin | Grant all Member APIs access |
| member:read | Grant permissions to read Member list by externalId or memberId |
| member:write | Grant permissions to create & update Member |
Access Token Generation
Access tokens are generated via the following method. Please head to "Settings" -> "Access Tokens".
Head to "Access Tokens" under "Settings".
Go to "Generate Access Token".
- Choose the expiration date & time. If you do not select any time, the token will be long-lived.
- Select the scope and permissions you require in the access token.
- Select the length of token you would like to obtain. Then, click "Generate".
- The Access Token in the your selected length will be generated.
Management
Under the Active access tokens, the long and short tokens can be viewed in separate tabs.
| Item | Description |
|---|---|
| Access Token | The generated access token, you may click to copy the token |
| Creator | The user who generated the access token |
| Scopes | The scopes & permissions granted |
| Using for | The extension associated to the access token. "Woztell Platform" will be displayed if the access token is just generated by a user instead of an extension. |
| Expired At | The expiration time of the access token; "Never" means the token is long-lived |
If an access token is generated by an extension, the associated extension will be displayed under "Using For". The tokens generated by extensions cannot be deleted manually by a user, unless the associated extension is uninstalled.
To revoke an access token, select "More" and then "Revoke".
