Token Object Overview

A Token is means of granting limited access to your application to the outside world. For example, you may wish to grant a unique Token to each of your devices.

Tokens are designed to be sandboxed for security purposes:

  • A Token can be restricted to particular Paths. E.g. /account_id/homesecurity/thermostat
  • Tokens can read Read any objects from the Paths specified, but may only write Drops
  • Tokens may be revoked at any time
  • Tokens may have a duration, after which they expire and cannot be used

As may Tokens can be generated as needed, each with their own unique Token String.

To use a Token, supply the Token String in the same way as you would supply the Master Token - within the X-Auth-Token header. The API will automatically sandbox any requests made with this Token.

      "id": "k548b20f2d4c63c0634ad3cc8",
      "tokenString": "SSOjDZ4VMHS2JcwT1sIpE8x91QfG",
      "paths": {
            "/alice/homesecurity/thermostat" : {
                "dropRead" : true,
                "dropWrite": true
            "/alice/homesecurity/reports" : {
                "dropRead" : false,
                "dropWrite": true

NOTE: Paths permissions are recursive. In the example above, the Token would have access to any paths below the ones specified.

Token Object Members


A map of Paths to their Permissions. In this way, each Path can have a unique Permission set.

Working with Tokens