API tokens
Now that you are ready with your setup, we do warmly recommend testing it out with our Management Applications, to ensure that everything is working well regarding your setup. Once you are happy with the result, go ahead and integrate our platform to your application!
For each framework we have both an SDK file, and a base app that can be used as the starting point for app development.The API key can be obtained from the portal. On the portal, go to Applications (on the left panel). The Token is the API key. If you click on the key, it will pop up in a new window, where you can copy it.
There are two kinds of tokens: Mobile and Master tokens.
Master token
Master token is the key to all of your account’s features. The Master token will grant access to all objects and all operations (CREATE, READ, UPDATE and DELETE). This is especially meant to be used when doing REST API calls with our endpoints. We strongly advise you to use this token with care and only use it in the mobile app when it is detrimental to the functionalities of the app.
There can only be one master token and this token cannot be deleted or changed. If you believe the master token has ended up in the wrong hands, please inform us immediately and we will change it for you.
Mobile token
On the mobile side we have made some precautionary security measures to prevent your master token ending up in the wrong hands. With the mobile token you get access to all objects with limited operations. If this token ends up to the wrong people, they don’t have the ability to delete and create any crucial elements of your setup.
With the Mobile token you READ for core objects like places, geofences etc. and READ & WRITE for position updates and event. This token is recommended to be used within mobile applications when using our SDK. This applies when you are integrating our SDK into your own application, when you are asked to provide our auth_token, you should use the Mobile token for this matter.
There are exceptions to using the Mobile token in apps. In use cases where the app requires functionalities like CREATING and DELETING objects within the app, you would need to use the Master token.
You can create multiple Mobile tokens to with different setups and they can be changed and deleted, if needed.