call
Go to Console

 

Token Auth Console Guide

 

This page provides a clear and complete guide to the Token Auth section of the Namirasoft Credential Console. It explains what token authentication is, how Namirasoft Credential stores your token securely, and how to obtain a token from the service you want to connect to.

 

What Is Token Authentication?

Token authentication is a method of proving your identity to a service by presenting a single secret string, called a token, instead of a username and password. Many APIs, platforms, and integrations issue tokens (sometimes called access tokens, API keys, or personal access tokens) so that applications and automated systems can authenticate securely.

 

A token works like a key. Any application that holds it can access the service with the permissions the token was granted. For this reason, a token must be stored and handled with strong encryption.

 

Why Secure Token Management Matters

Storing a token directly in application code, configuration files, or developer machines increases the risk of:

 

  • Accidental exposure in logs or repositories

 

  • Reusing or sharing the same token across many systems

 

  • Lack of rotation or auditing

 

  • Unauthorized access if the token is leaked

 

A leaked token can give direct access to your service with the same permissions it was granted, making it as sensitive as a password.

 

How Namirasoft Credential Secures Your Token

Namirasoft Credential does not store your token. When you create a Token Auth record:

 

  • The Token is sent directly to Namirasoft Secret, where it is fully encrypted and stored as a secret value.

 

  • Namirasoft Credential only keeps a reference to that encrypted secret. It never stores the token itself.

 

  • When a Namirasoft application needs the token, Namirasoft Credential retrieves the encrypted value from Namirasoft Secret and delivers it securely to the requesting app.

 

This way, Namirasoft Secret handles encryption and storage, while Namirasoft Credential handles secure assembly and controlled delivery.

 

Overview of Token Auth Fields and Options

The sections below explain every field visible in the Create and List pages for Token Auth. Understanding these fields will help you store your token correctly and manage it with accuracy, security, and confidence.

 

  • ID (String): This is the unique identifier automatically generated by Namirasoft Credential when a Token Auth record is created. You do not enter or modify this value. It is used internally for tracking, linking, and referencing the Token Auth entry across the Namirasoft ecosystem.

 

  • User ID (Namirasoft Account’s ID): This is the unique ID assigned to the Namirasoft Account that created the Token Auth record. It serves as a link between the credential and the user who owns or manages it.

 

  • Workspace ID (Namirasoft Workspace’s ID): This refers to a workspace created in the Namirasoft Workspace app, which allows users to organize credentials by project, environment, or team. The workspace name is displayed along with the ID, and it links back to the Namirasoft Workspace app where the workspace details can be viewed.

 

  • Name (String): This is a human friendly label you choose to identify the token. Pick a name that clearly tells you which service the token is for, such as Production API Token or Monitoring Service Token. It has no impact on authentication itself.

 

  • Token (String): This is the secret value issued by the service that a Namirasoft application will use to authenticate. Depending on the service, it may be called an API key, access token, bearer token, or personal access token and typically appears as a long string of letters, numbers, and symbols.

     

    Tokens are created by the service you want to connect to, not by Namirasoft.

 

How to Get Your Token?

 

  • Open the service’s API, Developer, or Security settings
  • Generate a new token (also called an API key, access token, or personal access token)
  • Grant only the permissions the integration needs
  • Copy the token and paste it in exactly as provided

 

 

  • Created At (DateTime): This shows the exact date and time when the Token Auth record was first created. This value is automatically set when you create the record and does not change over time.

 

  • Updated At (DateTime): This shows the exact date and time when the Token Auth record was most recently modified, such as when the token was updated or the record was renamed. It helps you track when the credential was last maintained.

Ready to Get Started or Want to Explore the Console Guide?

Get Started Explore Console Guide