Admin Tokens

Operational guide to generate, rotate, and revoke admin tokens while minimizing exposure risk.

Generate

Create new token (1 year)

Rotate

Invalidate & replace

Revoke

Immediate invalidation

Audit

Track usage & age

Least Privilege

Limit who can issue

Compliance

Meet rotation policies

Token Basics

Aspect	Value
Default Expiry	1 year (newly generated)
Visibility	Shown once at creation dialog
Scope	Console administrative API operations
Not Available For	Super Admin accounts

Copy token immediately; it cannot be retrieved later—only regenerated.

Generate Token

Navigate

Settings → Admin Users.

Options

Click ellipses … next to your admin user.

Generate

Select Generate new token.

Copy

Securely store in secrets manager.

Distribute

Limit distribution to required automation only.

Rotation Strategy

Planned Rotation

Generate replacement token → update dependent services → revoke old (grace window ≤24h).

Unplanned Rotation

Suspected leak → immediate revoke → generate new → notify stakeholders.

Inventory Tracking

Maintain registry: owner, creation date, last used timestamp.

Automation Use

Prefer service-specific tokens rather than sharing a personal admin’s token.

Revoke Token

Self-Revoke
Super Admin Revoke
Post-Revoke

Admin revokes own token via same menu; session invalidated, re-login required.

Errors when revoking: non-admin attempts or unknown username.

Metrics

Metric	Description	Threshold
Active Tokens	Count of valid admin tokens	Unexpected growth → audit issuance
Avg Token Age (days)	Mean age since creation	> 300 → schedule rotations
Orphan Tokens	Tokens with no recent usage (≥30d)	>0 → revoke
Compromise Incidents	Confirmed leaks	Any >0 → tighten issuance policy

Troubleshooting

Issue	Likely Cause	Fix
Cannot generate	Super Admin account	Use general admin account
Token lost	Not stored at creation	Generate new token; revoke old if still active
Script failing after rotation	Not updated credential	Update secret store & redeploy
Revocation error	Username mismatch	Verify exact admin username

Security

Secure Mode & mTLS

Admin Access

Permission governance

Overview

Admin Console

Admin Portal

Analytics Dashboard

Support

Generate

Rotate

Revoke

Audit

Least Privilege

Compliance

Token Basics

Generate Token

Rotation Strategy

Revoke Token

Metrics

Troubleshooting

Security

Admin Access

Overview

Admin Console

Admin Portal

Analytics Dashboard

Support

Generate

Rotate

Revoke

Audit

Least Privilege

Compliance

​Token Basics

​Generate Token

​Rotation Strategy

​Revoke Token

​Metrics

​Troubleshooting

​Related

Security

Admin Access

Token Basics

Generate Token

Rotation Strategy

Revoke Token

Metrics

Troubleshooting

Related