You'll need to authenticate your requests to access any of the endpoints in the K-LINK API. In this guide, we'll look at how authentication works.K-LINK allows you to quickly authenticate your API requests using Personal Access Tokens (Bearer Tokens) scoped directly to your specific tenant.Step 1: Navigate to API Tokens#
1.
Open your K-LINK dashboard.
2.
Scroll down the left sidebar menu to the Settings -> Channels & Integration section.
Step 2: Issue a New Token#
1.
On the API Tokens management page, click the + Issue Token button in the top right corner.
2.
Enter a descriptive Name for your token (e.g., Local Testing or Production Integration) so you can easily track its purpose.
3.
Select the required Abilities (scopes/permissions) your token will need.
4.
Set an Expiration date according to your security requirements.
Step 3: Copy and Secure Your Token#
⚠️ Important: Your full token will only be displayed once upon successful creation. Copy it immediately and store it in a secure location (such as a password manager or environment variable). You will not be able to retrieve or view it again after closing the window.
Authenticating Requests (Bearer Token)#
Once you have generated your personal access token, you must include it in the Authorization header of your HTTP requests as a Bearer token.Here is how to add the token to your request header using cURL:Managing Your Tokens
From the API Tokens dashboard, you can monitor and manage your credentials at a glance:Track Usage: View the exact timestamp of when a token was Last used.
Check Status: Easily see if a token is Active, Expired, or Revoked.
Revoke Tokens: If a token is no longer needed or if you suspect it has been compromised, click the three dots (...) under the Actions column and select Revoke to immediately invalidate it.
Always ensure that your personal access tokens are kept secure. Never hardcode them into client-side code, public repositories, or shared documents. Reset or revoke them immediately if you suspect they have been compromised.
