Access tokens with permissioning allows you to give different applications consuming your API different permissions.
When using an API just for querying content and not changing it. Content auth tokens can be created. These auth tokens only allow the service to read the entries that were created and not change them.
Creating a read-only access token
- Go to Project Settings > Access Tokens
- Click on the
+ Create new token
button on the top-right - Name the token and select only the read permission under the permissions field.
- Click on
Create
to generate the token.
Once you create a token, it will be visible in the access tokens table. You can now use it to make read-only api calls.
All mutation errors will throw a 401 Access Forbidden error when tried through a read only token.