Get access to your Atlassian cloud products
Discover important Atlassian cloud account log in information, including troubleshooting problems.
Manage API tokens for your Atlassian account
After December 15, 2024, by default we set API tokens to expire in one year. When you create an API token, you can set the expiration date to be from 1 day up to one year.
This does not affect your existing API tokens.
You can use an API token to authenticate a script with an Atlassian cloud product. You generate the token from your Atlassian account, then copy and paste it into a script.
If you use two-step verification to authenticate, your script needs to use a REST API token to authenticate.
How to use an API token
A primary use case for API tokens is to allow scripts to access REST APIs for Atlassian cloud products using HTTP basic authentication.
Depending on the details of the HTTP library you use, you can replace your password with the token. For example, when using curl, you could do something like this:
1
curl -v https://mysite.atlassian.net --user me@example.com:my-api-tokenIn this example, me@example.com is the email address for the Atlassian account you're using to create the token.
We use a varied API token length tokens rather than fixed length to ensure tokens are more secure and reliable. If your script relies on fixed API token length, check that it can handle a variable length instead.
Create an API token
API tokens with an infinite lifespan pose a data security risk. To improve data security, by default we set API tokens to expire in one year. When you create an API token, you can set the expiration date to be from 1 day up to one year.
Create an API token from your Atlassian account:
Log in to https://id.atlassian.com/manage-profile/security/api-tokens.
Select Create API token.
Give your API token a name that describes what it does.
Select an expiration date for the API token.
Token expiration is 1 to 365 days.
Select Create.
Select Copy to clipboard, then paste the token to your script, or save it somewhere safe.
You can't recover the API token after you’re done with this step. We recommend you save your API token in a password manager.
Revoke an API token
When you revoke a token it no longer works and we permanently remove it from your account. If you revoke an existing API token, you can replace it with a new token.
To revoke an API token:
Log in to https://id.atlassian.com/manage-profile/security/api-tokens.
Select Revoke for the API token that you want to revoke.
To revoke all API tokens for your account, select Revoke all API tokens.
API token settings
You can use API tokens with Confluence Cloud, Jira Cloud and Jira Align REST APIs. If you're using Bitbucket Cloud, see App passwords.
Setting | Description |
|---|---|
Token name | Give your token a name that explains what it does. |
*Token expiration | By default we set tokens to expire in one year. When you create an API token, you can set the token to expire from one to 365 days. |
*This only applies to tokens you create after December 15, 2024.
Was this helpful?
Still need help?
The Atlassian Community is here for you.