Create API tokens
Create API tokens when another system needs access to your subaccount data.
Written By Carrott Support
Last updated About 1 month ago
What API tokens are for
API tokens let external tools connect to Carrott. They are subaccount-specific and should only be shared with trusted systems.
Steps
- Open Settings.
- Go to API Tokens.
- Select Create Token.
- Add a clear token name.
- Choose the required permissions.
- Create the token.
- Copy the token and store it securely.
Important
The token is shown once. If you lose it, create a new token and revoke the old one.
Permissions
Choose only the permissions the integration needs.
Using the API
Send the token in the x-api-key header:
x-api-key: your_token_hereYou can open the API reference from the API Tokens page.
Security tips
- Use one token per integration.
- Name tokens clearly, such as Website signup form or POS sync.
- Revoke tokens that are no longer used.
- Do not paste tokens into public docs, emails, or chat tools.