Service tokens always start with
knock_st_ and are different from your Knock API keys as they authenticate requests to the Knock management API only.
To use the management API or CLI, you will first need to generate a service token and use it as a means of authentication when sending requests.
To generate a service token, go to the "Service tokens" tab in your account "Settings" page and click the “+ New token” button.
Please note: once generated you cannot see a service token again from the Knock dashboard, so be sure to copy it to a secure location.
Service tokens can be revoked under the three-dot menu and by clicking on "Delete token". Deleting a token will immediately revoke its ability to be used against the Knock management API and CLI.
Can I use a Knock service token against the Knock API?
No, a service token can only be used against the Knock Management API and not the Knock API.
How can I know which changes were made by a specific service token?
Changes made via the Management API will appear as audit logs, similar to changes made manually in the dashboard, but attributing the service token used to make the change as the author. In addition, internally we audit requests and tie them back to a corresponding service token. If you need further help understanding which request originated from a service token, please contact our support team.