The Web Services REST API token is a value that identifies and authenticates a user when performing a call to the Web Services REST API. It is recommended that a user take the appropriate precautions to prevent this value from being disseminated. For example, a user should never leave a MCC session unattended.
Only users that have been granted API access may view or generate a unique Web Services REST API token. Your administrator may grant API access to your account by defining the set of HTTP methods that you will be allowed to perform.
Learn more.
View your Web Services REST API token from your profile.
If you suspect that a token value has been compromised, then you should perform the following steps:
To generate a new primary token
Navigate to your profile by clicking View Profile from the user settings menu.
To delete a backup token
Navigate to your profile by clicking View Profile from the user settings menu.
Web Services REST API tokens should be treated like any other security credential or password. It is paramount to keep this type of token as secure as possible. We have observed incidents in which customers lost control of their Web Services REST API token and then experienced unauthorized access on their account.
The following precautions are recommended:
Perform general administrative security tasks on a regular basis. These tasks include:
Administrative User(s) Only: Heed the following precautions: