System tokens security policies
System tokens security policies govern the creation and management of System API tokens, including controls for token expiration, IP filtering, and permission updates. The policies allow administrators to enable or disable token creation, set mandatory expiration periods, enforce IP-based access restrictions, and control whether existing token permissions can be modified.
The System Tokens Security Policy controls the ability to create a System API token, the enforced expiry and IP filters. It is also possible to allow updates to permissions for existing tokens.
 |
When enabled, users can go to the System token and create or update their System API token. For more information on creating a token, see System API Tokens.
When disabled, existing tokens will be deleted, and the option to create a System API token will no longer be available.
. If the checkbox is selected, existing tokens can be modified to change the permissions and abilities granted to the token. Changes made in this way are instant as soon as the permissions are updated.
If enabled, a maximum duration for a System API token will be enforced at the point that tokens are created and it won't be possible to create API tokens with a duration longer than the configured token expiration. The expiration can be expressed in the number of days, hours or minutes. For more information on the effect of changing this setting, see Behavior when changing token security policies.
When enabled, it applies the selected IP filter to all requests made with a System API token. The token will only work when the IP filter has not blocked or restricted access. You can select a named IP filter from the list. For more information on creating named IP filters, see IP Filters.