API tokens are secure credentials that allow you to authenticate and interact with the Ankra platform programmatically. They are used for CLI operations, CI/CD automation, and integrating Ankra with your own tools or scripts.
How to Generate an API Token
- Click your profile icon in the bottom left corner of the Ankra dashboard.
- In the menu, select Profile.
- On your profile page, choose API Tokens.
- Click Add Token on the token list page.
- Give your token a descriptive name and set the desired permissions (if applicable).
- Copy the generated token and store it securely. You will not be able to view it again!
For security, create separate tokens for different use cases (e.g., CLI, CI/CD, integrations).
Use Cases for API Tokens
1. Ankra CLI Authentication
Set the ANKRA_API_TOKEN environment variable to authenticate the CLI:
export ANKRA_API_TOKEN="<your-token>"
2. CI/CD Integration
Use API tokens in your CI/CD pipelines to automate cluster management, addon deployment, or other Ankra API operations. Store tokens as secrets in your CI/CD system (e.g., GitHub Actions, GitLab CI, Jenkins).
Example (GitHub Actions):
env:
ANKRA_API_TOKEN: ${{ secrets.ANKRA_API_TOKEN }}
3. Programmatic Access (Source Code)
API tokens can be used in scripts or applications written in any language that supports HTTP requests (e.g., Python, Go, Node.js, Bash).
Python Example:
import requests
headers = {"Authorization": "Bearer <your-token>"}
response = requests.get("https://platform.ankra.app/api/v1/clusters", headers=headers)
print(response.json())
Node.js Example:
const res = await fetch("https://platform.ankra.app/api/v1/clusters", {
headers: { Authorization: "Bearer <your-token>" }
});
console.log(await res.json());
Security Best Practices
- Treat API tokens like passwords — never share or commit them to source control.
- Use the minimum required permissions for each token.
- Revoke tokens immediately if you suspect they are compromised.
- Rotate tokens regularly for critical automation.
Troubleshooting
- Token not working? Double-check you copied it correctly and that it has the right permissions.
- Lost your token? Delete it and generate a new one.
- Permission errors? Ensure your token has the necessary scopes for your operation.