Use of API Tokens in Client Applications | LogicMonitor

About us

Get to know LogicMonitor and our team.

Get to know us

Services

Resources

Explore our blogs, guides, case studies, eBooks, and more actionable insights to enhance your IT monitoring and observability.

Learn

Documentation

Read through our documentation, check out our latest release notes, or submit a ticket to our world-class customer service team.

Support

Platform
- Platform
  
  Get real-time insights and automation for comprehensive, seamless monitoring with agentless architecture.
  
  Platform Overview
- Infrastructure Monitoring
- Network monitoring
- Server monitoring
- Remote monitoring
- Virutal machine monitoring
- SD-WAN monitoring
- Database monitoring
- Storage monitoring
- Configuration monitoring
- Cloud Monitoring
- Container monitoring
- AWS Monitoring
- GCP Monitoring
- Azure Monitoring
- Digital experience
- SaaS monitoring
- Website monitoring
- APM
- AIOPS
- Edwin AI
- Integrations
- Security
- Dashboards
- Platform demo
- Logs
Solutions
- Solutions
  
  Whether you work in MSP, Enterprise IT or somewhere in between, the solution is clear.
  
  Solutions overview
- By Initiative
- Digital transformation
- Cloud migration
- Tool consolidation
- Reduce MTTR
- Cost Optimization
- Automation
- Operational efficiency
- Modernization
- By Industry
- Financial services
- Health and life sciences
- Manufacturing
- Retail
- Education
- State and local
- Software companies
- MSP
Pricing
Customers
Resources
- Resources
  
  Explore our blogs, guides, case studies, eBooks, and more actionable insights to enhance your IT monitoring and observability.
  
  View Resources
- Learn
- Blog
- Case studies
- Events
- LM Academy
- Product News
- Elevate Summit
Company
- About us
  
  Get to know LogicMonitor and our team.
  
  About us
- Get to know us
- Leadership
- Awards
- Press
- Careers
- Contact & locations
- Connect
- Blog
- Case studies
- Events
- LM Academy
- Product News
- Elevate Summit
- Services
- Professional services
- Partners
- Customer success
- LM community
Documentation
- Documentation
  
  Read through our documentation, check out our latest release notes, or submit a ticket to our world-class customer service team.
  
  View Resources
- Support
- Documentation
- Developer docs
- Support tickets
- Release notes

TRY IT FREE

ON DEMAND DEMO

Product Documentation

API tokens serve as credentials for authenticating and authorizing API requests. When using API tokens, follow these practices:

Keep Tokens Secret: API tokens are like passwords; they grant access to resources. Keep them secret and avoid hardcoding them in your application’s client-side code or publicly accessible repositories.
Secure Storage: Store tokens securely on the client side. Avoid storing them in plain text or using insecure storage mechanisms like local storage or cookies. If deploying tokens in server-side applications, use environment variables or a secure secrets management system (preferred) to store and access them.
Audit Logs: Keep audit logs of token usage to monitor for suspicious activity and unauthorized access attempts. Search LogicMonitor’s Audit Log for related events.
Single Purpose: Generate unique tokens for each client or application. One token should only be used from one source location and for one purpose.
Educate Users: Educate developers and users about the importance of API token security and best practices for handling them.