About Management Tokens
Management Tokens are secure credentials that grant read-write or read-only access to the content within your stack. When used in combination with the stack API key, they authorize requests made via the Content Management API (CMA), enabling you to programmatically manage the content of your stack.
Note: A management token can be assigned to all or specific branches and aliases, giving you flexibility in how content access is controlled. For more information, refer to our Global Modules document.
A management token with read-write permissions can perform all possible actions on the following modules:
- Entries
- Assets
- Content types
- Labels
- Extensions
- Releases
- Environment
- Languages
- Webhooks
- Roles
- Users (Except adding and removing users to/from a stack)
- Workflows (Except for changing workflow stages)
- Publish Rules (Except set up publishing rules that require the approval of users or roles)
- Audit Log (Read-only)
- Publish Queue
A management token with just read permissions can be used to make all GET requests for the modules mentioned above.
Note: Management tokens cannot be used for the following modules: organization, stack, user session, and tokens.