Management Token FAQs

Both management token and authtoken give you read-write access to a stack and you can use them to make authorized CMA requests. However, an authtoken is a user-specific token, which means that your personal user details are attached to every API request that you make using the “Auth Token.” 

Management tokens, on the other hand, are stack-level tokens with no users attached to them. Since they are not personal tokens, no role-specific permissions are applicable to them.

Learn more about the different types of tokens to get a detailed information about tokens

There is a maximum limit of 10 valid tokens that can exist per stack at a time, to execute CMA requests. If you already have 10 valid tokens, creating a new management token will automatically cause the oldest management token to expire without warning. 

Learn more about the limitations on the use of management tokens.

No, only the admin and owner of a stack can generate management tokens.

Yes, management tokens can be used to create, read, update, and delete published as well as unpublished (draft) content of your stack, irrespective of the publishing environment.

Yes, you can set an expiration limit for the management token of your stack. Alternatively, you can also opt to generate a management token without an expiry date.

Learn more about setting expiration limits while generating a management token.