Authentication with Personal Access Token

To authenticate with the sipgate REST API, you can use personal access tokens. Long-term, these will replace the basic auth procedure. So if you are just getting started with sipgate.io, personal access tokens are the way to go.

They use a unique combination of token id and token instead of the usual username and password combination for authentication (basic auth).

Compared to basic auth, personal access tokens are more secure:

  • Finer control through scopes lets you manage authorizations
  • Scopes let you limit access to certain areas of the account for certain tokens
  • You can easily delete compromised tokens
  • No need to send username and password over the network
  • If you enabled 2-factor authentication, this also protects generating tokens

Note: You can create, manage and delete your personal access tokens in your account.

Note: When assigning scopes (authorizations), make sure that you only assign the scopes that are required for your application. Granting unnecessary access represents a security risk.

Examples of how you can use a personal access token to authenticate with the API can be found in our documentation.


Was this article helpful?