Use of API Tokens in Client Applications

Last updated on 19 September, 2024

API tokens serve as credentials for authenticating and authorizing API requests. When using API tokens, follow these practices:

  • Keep Tokens Secret: API tokens are like passwords; they grant access to resources. Keep them secret and avoid hardcoding them in your application’s client-side code or publicly accessible repositories.
  • Secure Storage: Store tokens securely on the client side. Avoid storing them in plain text or using insecure storage mechanisms like local storage or cookies. If deploying tokens in server-side applications, use environment variables or a secure secrets management system (preferred) to store and access them.
  • Audit Logs: Keep audit logs of token usage to monitor for suspicious activity and unauthorized access attempts. Search LogicMonitor’s Audit Log for related events.
  • Single Purpose: Generate unique tokens for each client or application. One token should only be used from one source location and for one purpose.
  • Educate Users: Educate developers and users about the importance of API token security and best practices for handling them.
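
The Audit Logs and Single Purpose practices above can be checked together. The following is an added example, not LogicMonitor code: it reviews token usage records against the one source location each token was issued for and also reports rejected requests. The log line format, token names, and IP addresses are constructed for illustration and are not LogicMonitor's Audit Log schema.

```python
import re
from collections import defaultdict

# Constructed sample lines in a hypothetical export format; this is not
# LogicMonitor's actual Audit Log schema.
SAMPLE_LOG = """\
2024-09-19T10:00:01Z token=billing-sync ip=10.0.0.5 status=200 path=/device/devices
2024-09-19T10:05:12Z token=billing-sync ip=10.0.0.5 status=200 path=/device/devices
2024-09-19T10:07:40Z token=report-job ip=10.0.0.9 status=200 path=/report/reports
2024-09-19T10:09:03Z token=billing-sync ip=203.0.113.77 status=200 path=/setting/admins
2024-09-19T10:09:30Z token=report-job ip=10.0.0.9 status=401 path=/report/reports
malformed line that the parser must skip
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) token=(?P<token>\S+) ip=(?P<ip>\S+) "
    r"status=(?P<status>\d{3}) path=(?P<path>\S+)$"
)

def parse(log_text):
    """Yield one dict per well-formed line; skip anything else."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            yield m.groupdict()

def review_token_usage(log_text, expected_sources):
    """Return {token: [findings]} for tokens that break the one-source rule.

    expected_sources maps each token name to the single IP it was issued for.
    """
    findings = defaultdict(list)
    for rec in parse(log_text):
        token, ip = rec["token"], rec["ip"]
        allowed = expected_sources.get(token)
        if allowed is None:
            findings[token].append(f"unregistered token seen from {ip}")
        elif ip != allowed:
            findings[token].append(
                f"{rec['ts']} used from {ip}, expected {allowed} ({rec['path']})")
        if rec["status"] in ("401", "403"):
            findings[token].append(f"{rec['ts']} rejected with {rec['status']} from {ip}")
    return dict(findings)

if __name__ == "__main__":
    expected = {"billing-sync": "10.0.0.5", "report-job": "10.0.0.9"}
    for token, items in review_token_usage(SAMPLE_LOG, expected).items():
        print(token, *items, sep="\n  ")
```

A finding for a token used from an unexpected source is a reason to revoke that token and issue a new one for the intended client.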
