Service tokens

Learn more about service tokens on your Knock account and how they are used to authenticate against the Knock management API.

A Knock account service token allows for secure access against the Knock Management API and CLI. It acts as an authentication mechanism for resources under your Knock account.

Service tokens always start with knock_st_ and are different from your Knock API keys as they authenticate requests to the Knock management API only.

🚨
Note: only account owners or admins have the privilege to generate (or revoke) service tokens. Service tokens will inherit the privilege of the owner or the admin that creates the service token, and therefore have full access to the management API.

Generating a new service token

To use the management API or CLI, you will first need to generate a service token and use it as a means of authentication when sending requests.

To generate a service token, from the dashboard go to "Settings," select the "Service tokens" tab, and click the "+ New token" button. Then, provide a name for the token and click "generate" to view and save your newly generated service token.

🚨
Note: once generated, you cannot see a service token again from the Knock dashboard, so be sure to copy it to a secure location.

Revoking a service token

Service tokens can be revoked under the three-dot menu and by clicking on "Delete token." Deleting a token will immediately revoke its ability to be used against the Knock management API and CLI.

Frequently asked questions