Create an API token#
API tokens let the sysand client publish projects and perform other
authenticated package-index actions. Prefer
trusted publishing over API
tokens for existing projects when that fits your workflow.
Before you start#
You need a Sysand Index account. To create or revoke a project token, you need effective Owner or Maintainer access to that project. Effective access can come from direct project membership or from an organization team with project access.
Organization Owner access by itself does not grant project-token access; see Roles and permissions.
For exact token prefixes, limits, and upload authorization rules, see API tokens.
Choose the token type#
Sysand Index supports account tokens and project tokens. Project tokens are scoped to one existing project. Account tokens use your account permissions and can also be used to create a new project.
To create a new project in an organization namespace with an account token, you must be an Owner or Manager of that organization. After the project exists, account-token uploads require effective project Owner or Maintainer access.
Create a token#
Go to Settings -> Tokens.
Under Create new token, enter a descriptive name and choose an expiry.
Press Create token.
Copy the token from the confirmation dialog before closing it.
The token will start with sysand_u_.
Go to Projects.
Click Manage on an existing project.
Click the tokens tab.
Under Create new token, enter a descriptive name and choose an expiry.
Press Create token.
Copy the token from the confirmation dialog before closing it.
The token will start with sysand_p_.
Because tokens are long-lived credentials, the index may first ask you to confirm your identity with your password or a two-factor code before the token is created.
The new token appears in the token list on the same page, showing its name, display prefix, and expiry date.
Configure sysand to use an API token#
To use the token with sysand, for example with sysand publish, configure
the credential environment variables. The commands below are specific to
sysand.com; the general mechanism, including private indexes and other
credential kinds, is covered in Authenticate to an index.
Replace the example bearer token with the token you copied.
Run in PowerShell:
PS> $env:SYSAND_CRED_INDEX = "https://sysand.com/**"
PS> $env:SYSAND_CRED_INDEX_BEARER_TOKEN = "sysand_u_abcdef0123456789abcdef0123456789"
$ export SYSAND_CRED_INDEX='https://sysand.com/**'
$ export SYSAND_CRED_INDEX_BEARER_TOKEN='sysand_u_abcdef0123456789abcdef0123456789'
$ export SYSAND_CRED_INDEX='https://sysand.com/**'
$ export SYSAND_CRED_INDEX_BEARER_TOKEN='sysand_u_abcdef0123456789abcdef0123456789'
Verify#
Confirm that the variables are set in the shell you will run sysand from:
printenv | grep SYSAND_CRED on macOS and Linux, or
Get-ChildItem env:SYSAND_CRED* in PowerShell.
The token itself is checked the first time the sysand client authenticates
against the index, which for an API token is when publishing. For a safe first
try, publish against the test index as described in
Publishing your first project.
For authentication and permission failures, see
API tokens.