Overview
This article describes what personal access tokens are and how to manage them. This includes creation, disabling/enabling, and deleting personal access tokens.
Personal access tokens may only be created, managed and used by users that have been granted the AccessToken organization permission. If you have the permission to grant permissions it can be done by
grant accesstoken on organization <org ref> to user <username>
Creation of access tokens for users that are designated as a service account is restricted to organizational admins.
Access Tokens
Access tokens should be protected to the same degree that you protect your account password!
A person access token is a secondary credential that can be used to login into the Magpie CLI tool or when logging into Magpie via the JDBC connector. Each user is responsible for managing their own set of personal access tokens except with regards to when the tokens may expire. Each organization may determine an appropriate length of time for an access token to be valid.
Managing Access Tokens From Magpie Web UI Account Management Page
To manage your personal access tokens from the Magpie web ui, follow the link to the Account Management page that is in the drop down menu under your login username.
Once in the Account Management page you will see the tools needed to manage your access tokens.
From this screen you will be able to see the following for each of your access tokens: the id for the token, when you created it, the date that it expires, the status, a button that allows you to disable the token, and a button that allows you to remove each token. There is also a button that allows you to create a new token in the top right corner of the Personal Access Tokens section.
Creating a new Personal Access Tokens From the Account Management Page
When you want to create a new personal access tokens, start by clicking the Create New Token button.
A window will pop up that will contain your token. For security reasons, it is only possible to display this token once at the time of creation. We recommend immediately copying the token to where it will be used. If you lose the token please delete the record and create a new one.
As a security best practice, use each token in only one place and don’t save it to your notes app or password manager. Don’t share tokens with other users, tokens grant full access to your Magpie account.
Creating a new Personal Access Tokens using Magpie Commands
A user can also create an access token for themself using magpie commands. This will create a new token and display the token in the notebook or command line where you run the command.
create access token
Creating a new Personal Access Tokens for Service Accounts using Magpie Commands (Organizational Admins)
An organizational admin may create an access token for a service account by using the following command:
create access token for service_account_user@silect.is
Disabling a Personal Access Tokens from the Account Management Page
If for any reason, you want to disable your token for a short period of time simply click the disable button and that token will no longer be valid for authentication while it is in a disabled state. This action should be temporary in nature, if you want to permanently disable the token please remove it.
Removing a Personal Access Tokens From the Account Management Page
When a personal access token is no longer needed or has expired, click the remove button to permanently remove the token from the system.
Using the Personal Access Token to Login with Magpie CLI
To use the access token with Magpie CLI add the following to the conf/magpie-env.sh file in the Magpie CLI folder structure and run the command bin/magpie .
export MAGPIE_HOST="<your organization>.silect.is" export MAGPIE_LOGIN_PARADIGM=token export MAGPIE_ACCESS_TOKEN="<the token string you copied from above>"
Using the Personal Access Token to Login with JDBC Connector
To use the access token when logging into Magpie via the JDBC connector, as you would with PowerBI or DBeaver, all you need to do is to follow the instructions outlined in Connecting to BI Tools then just replace your password with the personal access token.