What is an API Token?
An API token (or device password) is a credential that allows applications and scripts to authenticate with the API. API tokens provide better security since they can be revoked independently without changing your main password, and you can create multiple tokens for different purposes or applications.
How to obtain an API Token
Create new device
To authenticate with the API using Basic Auth, you can create a dedicated device password:
1. Go to „Personal settings“
2. Open the „Devices“ tab
3. Click „New device password“
4. Enter a name for the device
5. Click „Save“
The system will display the device ID and password. You can use these credentials to log in to the API.
Note: The password is only shown once when created. However, you can regenerate it at any time by clicking „Change password“.
If you dont see the action: If you cannot see the „Devices“ tab or the option to create a device password, you are missing the „Synchronization“ permission. Please contact your administrator to grant you this permission.
Create an API Token via API
You can also create an API token directly through the API. This automatically creates a new device and returns the token for authentication.
Send a POST request to the endpoint `api/device` with your email, password, and device name.
{
"email": "test@5point.de",
"password": "password",
"deviceName": "test5p",
"deviceType": "de.fivepoint.other"
}
You will receive a response containing the API token:
{
"_url": "",
"_id": 187765573,
"_idKey": "161",
"deviceName": "test5p",
"deviceType": "unknown",
"token": "sSQkCRJamjjAGYw6FY588KmEk",
"apiHost": "",
"externalAccess": false,
"user": {
"caption": "Test user",
"title": "user",
"href": "",
"value": 187765427,
"idKey": "901"
}
}
Use the token field for authentication in subsequent API requests.
Important: This method is not available if Two-Factor Authentication (2FA) is enabled. In this case, please create a device password through the web interface as described above.