How to Create a Personal Access Token

To use the API, you’ll first generate a personal access token. Personal access tokens function like ordinary OAuth access tokens. You can use them to authenticate to the API over Basic Authentication or instead of a password for DigitalOcean over HTTPS.

Keep your tokens secret. They function like passwords. Do not hard code your tokens into programs where they may accidentally be released in version control and are harder to rotate. Instead, use environmental variables. If a token becomes compromised, delete it to revoke that token’s access.

To generate a personal access token, log in to the DigitalOcean Control Panel.

Click the API link in the main navigation, which takes you to to the Applications & API page on the Tokens/Keys tab. In the Personal access tokens section, click the Generate New Token button.

This will open a New personal access token window:

New Personal Access Token screen

In this window, fill out the fields as follows:

  • Token name. Choose a name for the token. This is for your own reference.

  • Select scopes. You can create tokens with read-only or read-write scope:

    • read scope lets you list and retrieve information about all resources on the account.

    • write scope lets you create, delete, and modify all resources on the account.

When you click Generate Token, your token will be generated and presented to you on your Personal Access Tokens page. The actual token is the long string of numbers and letters, under the name:

New Personal Access Token screen

Be sure to record your personal access token. For security purposes, it will not be shown again.