Management Tokens provide read-write access to the content of your stack. It is a credential—used along with the stack API key—to make authorized Content Management API (CMA) requests for managing content of your stack.
A management token with READ & WRITE permissions can perform all actions on the following modules:
- Content types
- Users (Except adding and removing users to/from a stack)
- Publish Rules (Except set up publishing rules that require approval of users or roles)
- Audit Log (Read-only)
- Publish Queue
A management token with just READ permissions can be used to make all GET requests for the modules mentioned above.
Note: Management tokens cannot be used for the following modules: organization, stack, user session, and tokens.