Talk2M API > API Tokens

What is an API Token?

API tokens are a way to log on your account as a specific user/device but limited to API usage only.

A token is a string of maximum 50 characters (ASCII numbers and letters, uppercase and lowercase).

The Talk2M account administrator creates a token for each application or 3rd party platform that they plan to use.

The API Token allows access to the Ewons of the specified pool.

All tokens are referenced and managed in a list accessible via the Account page in eCatcher

The list of tokens is created and maintained in a specific section of the Account page in eCatcher.

Why using Token instead of user credentials?

The first implementation of the Datamailbox API was base on the Talk2M Credentials.

Most of the API usage don't require any access to the eCatcher account or Ewons,

We switched to a API token system, adding a extra layer of security by allowing only access to the API functions and retrieves data of specific Ewons.

Usage of the API tokens?

With the API tokens, all the authentication parameters are replaced by:

•t2mtoken

Important: For security reasons, this parameter is only available in HTTP POST queries.

To preserve compatibility with existing applications that do not support the t2mtoken parameter,

the parameters t2maccount, t2musername & t2mpassword can be used with a token in the following way:

•t2maccount = account name

•t2musername = 't2m-api-token'

•t2mpassword = token

However, this will only work if in the application POST HTTP queries have been used.
GET HTTP requests will receive an HTTP 405 – Method Not Allowed error.