HomePlatformSolutionsArcIn AIResourcesCustomers
Login Request Demo Free Trial →

API Tokens

API tokens authenticate scripts, CI pipelines, and integrations against the Applicare API. Tokens inherit a role and scope, can expire, and are fully auditable.

🕐 4 min readv7.xUpdated Jun 2026

Creating a token#

Under Settings → API Tokens, create a token, assign it a role (least privilege), and set an expiry. The secret is shown once — store it in your secret manager immediately.

curl -H "Authorization: Bearer $ARC_TOKEN" \
     https://applicare.yourco.com/api/v1/hosts

Scoping & least privilege#

Give a token only the permissions it needs. A metrics-export job should use a read-only token scoped to the relevant services, never an admin token. See API Authentication for the full auth model.

Rotation#

Rotate regularly. Set expiries, rotate on a schedule, and revoke immediately if a token may be exposed. Revoked tokens stop working instantly and the event is logged in the audit trail.

Was this page helpful?
Can't find what you need?
Ask ArcIn or reach our support engineers.
Contact Support →