An access token is an opaque string that identifies a user or a user's priviledges and can be used by applications to make API calls to Stella.
The token includes information about when the token will expire and which user generated the token. There are different scopes and permissions of access tokens to support different use cases:
|Access Token Type||Description|
|bot:admin||Grant all Bot APIs access|
|bot:sendResponses||Grant permissions to send responses on behalf of bot|
|bot:redirectMemberToNode||Grant permissions to redirect member to node on behalf of bot|
|api:admin||Grant all APIs access|
|integration:admin||Grant all Integration APIs access|
|integration:write||Grant permissions to create & update Integration|
|integration:delete||Grant permissions to delete Integration|
|file:admin||Grant all File APIs access|
|file:waGet||Grant permisisons to get file url by WhatsApp media ID|
|member:admin||Grant all Member APIs access|
|member:read||Grant permissions to read Member list by |
|member:write||Grant permissions to create & update Member|
Access Token Generation
Access tokens are generated via the following method.
Head to "Access Token" under "Settings".
Go to "Generate Access Token".
- Choose the expiration date & time. If you do not select any time, the token will be long-lived.
Select the scope and permissions you require in the access token.
- Copy your generated Access Token.
- Head to Active access tokens.
- You can do the following action:
|Access Token||The generated Access Token; You may click to copy the token|
|Scopes||The scope & permission of the Access Token|
|Issuer||The issuer of the Access Token|
|Expired At||The expiration time of the Access Token; "Never" means the token is long-lived|
|Revoke||Revoking the Access Token will render it useless|