[Intum Help](https://intum.com/help.md) / [Account](https://intum.com/help/account.md)

# [API Tokens](https://intum.com/help/account/api-tokens.md)

## API Tokens

API tokens enable request authentication without logging in — used by integrations, scripts, and external applications.

## Creating a Token

When creating a token, you set:

- **Name** — description of the token's purpose (e.g., "CRM Integration", "Import Script")
- **Code** — unique token identifier within the account
- **Permissions** — optional restriction of the token to selected permissions. A token without restrictions has the same permissions as the user who created it
- **Expiration date** — optional date after which the token stops working
- **Status** — active/inactive

## Using the Token

You pass the token in HTTP requests in one of two ways:

```
Authorization: Bearer TOKEN
```

or as a URL parameter:

```
?api_token=TOKEN
```

## Usage Monitoring

The system tracks:
- Date of the token's first use
- Date of last use
- Number of calls

## Integration Tokens

Some integrations (e.g., with external services) generate their own tokens with an integration code. Each integration can have at most one token per account.

## Security

- The token is fully visible only at the moment of creation — afterward, only a hash (fingerprint) is stored
- Unused or expired tokens should be deactivated
- Tokens with limited permissions are more secure than full-access tokens