Tokens in LogScale
LogScale supports a variety of different tokens that are used to provide API access to the different components of the system. Tokens use a randomly generated sequence of characters that identify the authority of a system or service to use a particular aspect of the LogScale instance.
Performing different actions, particularly through the API, is controlled through the API token and it is a combination of the type of API token, and the individual permissions granted to it, that allow or restrict access.
For example, to perform Organization level administration an Organization API token must be used. Having an Ingest Token or Repository API Token does not grant privileges to manage the organization. Conversely, data cannot be read or accessed using an Organization API Token, as these are only for managing your LogScale installation.
The basic model for the API Tokens and security architecture is shown in Figure 33, “API Token Architecture in LogScale”.
Figure 33. API Token Architecture in LogScale
For more detailed information about each of the API token types, see API Tokens.
API tokens are governed by Security Policies.
Note
Ingest tokens are another type of token in LogScale, but they are not API tokens.
Ingest tokens are long-living token strings that you can use to set up your ingestion pipeline in Falcon LogScale Collector or other log shippers. Ingest tokens are used to identify the repository, parser, and authority to send data for ingestion into LogScale. They do not allow access to the API or to query data stored in repositories.
For more information, see Ingest Tokens.