Docs‎ > ‎Security‎ > ‎

Auth Tokens

Every REST call must be done with an Auth Token (with a few exceptions).  Any call that does not include an Auth Token will return immediately with HTTP status code 401.

An Auth Token is a (typically) long string with 2 nodes, such as demo_full:1 The first part is the Auth Token (demo_full). The second part is currently unused, but will be used for stronger authentication in a future release.  Internally, the system maps this to your roles for authorization.


The Key value is a random generated system value or a user provided string that is passed to internal application developers to use with specific role security.


An Auth Token can be assigned to one or more roles.


Use the logging tab to set various internal log levels for specific user generated Auth Tokens.