Management Token FAQs
Both management token and authtoken give you read-write access to a stack and you can use them to make authorized CMA requests. However, an authtoken is a user-specific token, which means that your personal user details are attached to every API request that you make using the “Auth Token.”
Management tokens, on the other hand, are stack-level tokens with no users attached to them. Since they are not personal tokens, no role-specific permissions are applicable to them.
Learn more about the different types of tokens to get a detailed information about tokens
There is a maximum limit of 10 valid tokens that can exist per stack at a time, to execute CMA requests. If you already have 10 valid tokens, creating a new management token will automatically cause the oldest management token to expire without warning.
Learn more about the limitations on the use of management tokens.
Yes, management tokens can be used to create, read, update, and delete published as well as unpublished (draft) content of your stack, irrespective of the publishing environment.