. Only administrators are able to generate / delete API tokens.
Your API tokens carry many privileges, so be sure to keep them secure! Do not share your secret API tokens in publicly accessible areas such as GitHub, client-side code, and so forth. A generated API token is only displayed once, so be sure to save it. These tokens do not expire.
Authentication is performed via API Token. Provide your API Token in the request header. You do not need to provide a password. All API requests must be made over