API Tokens

API tokens let you securely automate and integrate with the Ankra platform. Use them for CLI, CI/CD, and custom integrations.

API tokens are secure credentials that allow you to authenticate and interact with the Ankra platform programmatically. They are used for CLI operations, CI/CD automation, and integrating Ankra with your own tools or scripts.


How to Generate an API Token

  1. Click your profile icon in the bottom left corner of the Ankra dashboard.
  2. In the menu, select Profile.
  3. On your profile page, choose API Tokens.
  4. Click Add Token on the token list page.
  5. Give your token a descriptive name and set the desired permissions (if applicable).
  6. Copy the generated token and store it securely. You will not be able to view it again!

Tip: For security, create separate tokens for different use cases (e.g., CLI, CI/CD, integrations).


Use Cases for API Tokens

1. Ankra CLI Authentication

Set the ANKRA_API_TOKEN environment variable to authenticate the CLI:

export ANKRA_API_TOKEN="<your-token>"

2. CI/CD Integration

Use API tokens in your CI/CD pipelines to automate cluster management, addon deployment, or other Ankra API operations. Store tokens as secrets in your CI/CD system (e.g., GitHub Actions, GitLab CI, Jenkins).

Example (GitHub Actions):

env:
  ANKRA_API_TOKEN: ${{ secrets.ANKRA_API_TOKEN }}

3. Programmatic Access (Source Code)

API tokens can be used in scripts or applications written in any language that supports HTTP requests (e.g., Python, Go, Node.js, Bash).

Python Example:

import requests
headers = {"Authorization": "Bearer <your-token>"}
response = requests.get("https://platform.ankra.app/api/v1/clusters", headers=headers)
print(response.json())

Node.js Example:

const fetch = require('node-fetch');
fetch('https://platform.ankra.app/api/v1/clusters', {
  headers: { 'Authorization': 'Bearer <your-token>' }
})
  .then(res => res.json())
  .then(console.log);

Security Best Practices

  • Treat API tokens like passwords—never share or commit them to source control.
  • Use the minimum required permissions for each token.
  • Revoke tokens immediately if you suspect they are compromised.
  • Rotate tokens regularly for critical automation.

Troubleshooting

  • Token not working? Double-check you copied it correctly and that it has the right permissions.
  • Lost your token? Delete it and generate a new one.
  • Permission errors? Ensure your token has the necessary scopes for your operation.

More Information