About Management Tokens

Management Tokens are secure credentials that grant read-write or read-only access to the content within your stack. When used in combination with the stack API key, they authorize requests made via the Content Management API (CMA), enabling you to programmatically manage the content of your stack.

Note: A management token can be assigned to all or specific branches and aliases, giving you flexibility in how content access is controlled. For more information, refer to our Global Modules document.

A management token with read-write permissions can perform all possible actions on the following modules:

Entries
Assets
Content types
Labels
Extensions
Releases
Environment
Languages
Webhooks
Roles
Users (Except adding and removing users to/from a stack)
Workflows (Except for changing workflow stages)
Publish Rules (Except set up publishing rules that require the approval of users or roles)
Audit Log (Read-only)
Publish Queue

A management token with just read permissions can be used to make all GET requests for the modules mentioned above.

Note: Management tokens cannot be used for the following modules: organization, stack, user session, and tokens.

About Management Tokens

Key Features of Management Tokens

Why Management Tokens

How is it different from Authtoken

Generate a Management Token

Edit a Management Token

Delete a Management Token

Limitations of Management Tokens