Access Token
An access token is an opaque string that identifies a user or a user's privileges and can be used by applications to make API calls to WOZTELL.
Scope Permissions
The token includes information about when the token will expire and which user generated the token. There are different scopes and permissions of access tokens to support different use cases:
Access Token Type | Description |
---|---|
bot:admin | Grant all Bot APIs access |
bot:sendResponses | Grant permissions to send responses on behalf of bot |
bot:redirectMemberToNode | Grant permissions to redirect member to node on behalf of bot |
api:admin | Grant all APIs access |
integration:admin | Grant all Integration APIs access |
integration:write | Grant permissions to create & update Integration |
integration:delete | Grant permissions to delete Integration |
file:admin | Grant all File APIs access |
file:waGet | Grant permisisons to get file url by WhatsApp media ID |
member:admin | Grant all Member APIs access |
member:read | Grant permissions to read Member list by externalId or memberId |
member:write | Grant permissions to create & update Member |
Access Token Generation
Access tokens are generated via the following method. You can open the settings here,
Head to "Access Token" under "Settings".
Go to "Generate Access Token".
- Choose the expiration date & time. If you do not select any time, the token will be long-lived.
Select the scope and permissions you require in the access token.
Select the length of token you would like to obtain. Then, click "Generate".
- The Access Token in the your selected length will be generated.
Management
Head to Active access tokens. Long and short tokens can be viewed in separate tabs.
You can do the following action:
Item | Description |
---|---|
Access Token | The generated Access Token; You may click to copy the token |
Scopes | The scope & permission of the Access Token |
Issuer | The issuer of the Access Token |
Expired At | The expiration time of the Access Token; "Never" means the token is long-lived |
Revoke | Revoking the Access Token will render it useless |