By default Database Lab Engine uses a single verification token for authorization of request to its API. For security purposes and more granular control, we recommend enabling access tokens support in Database Lab Engine configuration. In this case, all Database Lab users will have personal tokens which can be revoked individually not affecting others.
- Verification tokens - used for basic authorization of requests to Database Lab Engine API. Can be used for initial setup, but it's not recommended to use in the daily practice.
Access tokens can be used to interact both with Database Lab Engine and Database Lab Platform. To work with the Database Lab CLI/API, generate a new token and use it in the
Verification-Token header of each individual API request. Alternatively, you can if it with the
--token flag during CLI initialization; in this case,
Verification-Token is not needed.
Access tokens allow calling the following functions on the Platform:
- Administrative tokens - used to organize infrastructure.
- Personal tokens - used by individuals to work with API and CLI.
Tokens of both types work in the context of a particular organization. Administrators can manage personal tokens, as well as administrative (impersonal) ones. Users can manage only their own personal tokens.
Create a token
- On the Access tokens page, in the Add token section:
- specify the token name (any string);
- set the expiration date (1 year by default);
- choose access token type using the Personal token checkbox (only for administrators, uncheck to create Administrative token).
- Click the Add token button.
- Save the token, it will not be shown again. You can use the Copy button.
Enable personal tokens support
- Follow Create a token guide to create an administrative access token for the Database Lab Engine to connect to the Platform.
- Add the
platformsection to the Database Lab Engine configuration. For example: