.. _config-token-ref: Authentication Tokens --------------------- |RCE| has 4 different kinds of authentication tokens. * *API tokens*: API tokens can only be used to execute |RCE| API operations. You can store your API token and assign it to each instance in the :file:`/home/{user}/.rhoderc` file. See the example in :ref:`indexing-ref` section for more details. * *Feed tokens*: The feed token can only be used to access the RSS feed. Usually those are safe to store inside your RSS feed reader. * *VCS tokens*: You can use these to authenticate with |git|, |hg| and |svn| operations instead of a password. They are designed to be used with CI Servers or other third party tools that require |repo| access. They are also a good replacement for SSH based access. To use these tokens you need be enabled special authentication method on |RCE|, as they are disabled by default. See :ref:`enable-vcs-tokens`. * *Web Interface tokens*: These token allows users to access the web interface of |RCE| without logging in. You can add these tokens to an |RCE| server url, to expose the page content based on the given token. This is useful to integrate 3rd party systems, good example is to expose raw diffs to another code-review system without having to worry about authentication. These tokens only work if a certain view is whitelisted under `api_access_controllers_whitelist` inside the :file:`rhodecode.ini` file. .. code-block:: bash # To download a repo without logging into Web UI https://rhodecode.com/repo/archive/tip.zip?auth_token=<web-api-token> # To show commit diff without logging into Web UI https://rhodecode.com/repo/changeset-diff/<sha>?auth_token=<web-api-token> .. _enable-vcs-tokens: Enabling VCS Tokens ^^^^^^^^^^^^^^^^^^^ To enable VCS Tokens, use the following steps: 1. Go to :menuselection:`Admin --> Authentication`. 2. Enable the ``rhodecode.lib.auth_modules.auth_token`` plugin. 3. Click :guilabel:`Save`. Authentication Token Tips ^^^^^^^^^^^^^^^^^^^^^^^^^ * Use Authentication Tokens instead of your password with external services. * Create multiple Authentication Tokens on your account to enable access to your |repos| with a different |authtoken| per method used. * Set an expiry limit on certain tokens if you think it would be a good idea. Creating Tokens ^^^^^^^^^^^^^^^ To create authentication tokens for an user, use the following steps: 1. From the |RCM| interface go to :menuselection:`Username --> My Account --> Auth tokens`. 2. Label and Add the tokens you wish to use with |RCE|. .. image:: ../images/tokens.png