Token Access & Management

SeaLights utilizes tokens for various functionalities, including browser extension, API access, and agent communication.

  • There is no Public API to create, update, or delete Tokens.

  • All Tokens are revocable and rotated by users with relevant permissions at any time, according to the Organization’s policies.

Token Types

SeaLights employs three types of tokens:

Browser Extension Tokens

Purpose: Used for SeaLights browser extension and related functionalities: displaying SeaLights metrics in your SCM's UI and reporting manual tests.

Token Access

Browser extension tokens are user-based.

  • Browser extension tokens are linked to the user who created them.

  • These tokens inherit the creator's group access at the time of using the token, granting access to applications within the creator's groups.

  • Legacy extension tokens have global access (access to all applications).

Token Management

  • Each user can have only one browser extension tokens.

    • The Create New Token button is disabled if a non-legacy token already exists.

  • Users can view, copy, download, refresh, and delete their own browser extension token.

  • Legacy token are only visible to Admin/DevOps users, and their actions (copy, download, refresh) are disabled

  • If the token creator is deactivated or deleted, the extension token is automatically deactivated or deleted.

Token List & Token Creation

  • Open the SeaLights Settings page, from the Settings button on the top right.

  • Go to Browser Extension Tokes on the side menu, under Integration.

  • Press Create New Token button, provide a name to your token and save.

  • Press Copy Token button and use it according to the specific SeaLights integration requirements.

API Tokens

Purpose: Used for authentication in SeaLights public API.

Token Access

API tokens are group-based.

  • API tokens are linked to specific user groups, granting access to applications within those groups.

  • The user groups are linked to the token automatically or by user selection, at the time of creating the token or updating it.

  • Legacy extension tokens have global access (access to all applications).

  • New tokens can also have global access.

Token Management

  • Only Admin/DevOps users can access the API token page.

  • Tokens with Global Access can be viewed by:

    • All Admin/DevOps users, in case this is a legacy token.

    • Admin/DevOps users with permission for manage Users and Permissions, in case this is a non-legacy token with Global Access.

  • Admin/DevOps users can view only API tokens with access to groups they are authorized to view:

    • Admin/DevOps users must be assigned to all groups the token has access to, in order to view the token.

      • Example 1: Token with access to groups A and B, can be viewed by an Admin/DevOps user that is assigned to groups A, B, C.

      • Example 2: Token with access to groups A and D, cannot be viewed by an Admin/DevOps user that is assigned to groups A, B, C.

    • Admin/DevOps users with permission for manage Users and Permissions can view all tokens, even if they are not assigned to groups.

  • Admin/DevOps users can copy, download, and refresh tokens based on their group authorization.

  • Admin/DevOps users with permission for manage Users and Permissions will not be able to copy / download / refresh, if not assigned to all the groups a token has access to.

  • Admin/DevOps users that are able to view a specific token with Global Access can also copy / download / refresh the token.

  • Admin/DevOps users can disable/enable tokens.

  • Deletion is only possible after disabling.

  • Admin/DevOps users can add groups to existing tokens if additional groups are available. There is no option to remove a group that was already added.

Creating a token does not provide access to this token forever. The creator of a token can view a token as long as his/her assigned groups are aligned with the groups the token has access to.

Token List & Token Creation

  • Open the SeaLights Settings page, from the Settings button on the top right. |

  • Go to API Tokes on the side menu, under Integration. Cockpit & Onboarding

  • Press Create New Token button, provide a name to your token and save, and select access level, if required.

  • Press Copy Token button and use it according to the specific SeaLights integration requirements.

  • Alternatively press Download Token button and use the sltoken.txt file downloaded according to your integration requirements.

Agent Tokens

Purpose: Used for authentication in SeaLights Agents.

Token Access

API tokens are group-based.

  • API tokens are linked to specific user groups, granting access to applications within those groups.

  • The user groups are linked to the token automatically or by user selection, at the time of creating the token or updating it.

  • Legacy extension tokens have global access (access to all applications).

  • New tokens can also have global access.

Token Management

  • Only DevOps users can access the API token page.

  • Tokens with Global Access can be viewed by:

    • All DevOps users, in case this is a legacy token.

    • DevOps users with permission for manage Users and Permissions, in case this is a non-legacy token with Global Access.

  • DevOps users can view only API tokens with access to groups they are authorized to view:

    • DevOps users must be assigned to all groups the token has access to, in order to view the token.

      • Example 1: Token with access to groups A and B, can be viewed by a DevOps user that is assigned to groups A, B, C.

      • Example 2: Token with access to groups A and D, cannot be viewed by a DevOps user that is assigned to groups A, B, C.

    • DevOps users with permission for manage Users and Permissions can view all tokens, even if they are not assigned to groups.

  • DevOps users can copy, download, and refresh tokens based on their group authorization.

  • DevOps users with permission for manage Users and Permissions will not be able to copy / download / refresh, if not assigned to all the groups a token has access to.

  • DevOps users that are able to view a specific token with Global Access can also copy / download / refresh the token.

  • DevOps users can disable/enable tokens.

  • Deletion is only possible after disabling.

  • DevOps users can add groups to existing tokens if additional groups are available. There is no option to remove a group that was already added.

Creating a token does not provide access to this token forever. The creator of a token can view a token as long as his/her assigned groups are aligned with the groups the token has access to.

Token List & Token Creation

  • Open the SeaLights Settings page, from the Settings button on the top right.

  • Go to API Tokes on the side menu, under Cockpit & Onboarding.

  • Press Create New Token button, provide a name to your token and save, and select access level, if required.

  • Press Copy Token button and use it according to the specific SeaLights integration requirements.

  • Alternatively press Download Token button and use the sltoken.txt file downloaded according to your integration requirements.

PreviousSettingsNextQuality Gates

Last updated

Was this helpful?