Contributors Download PDF of this page
The Astra REST API provides multiple layers of security.
|All HTTP network traffic is protected using the transport layer security (TLS) standard.|
Astra API tokens
To use the Astra REST API, you must provide an API token on every request in the
Authorization request header. Note the following:
You can generate an API token at the Astra web user interface.
A token never expires after it is created.
You can revoke a token at any time at the Astra web user interface.
See Getting an API access token for more information.
Revoking an API access token
You can revoke an API token at the Astra web interface when it is no longer needed.
You need an account for the Astra service. You should also identify the tokens you want to revoke.
After a token is revoked, it is immediately and permanently unusable.
Sign in to the Astra service using your account credentials.
Click the figure icon at the top right of the page and select API access.
Select the token or tokens you want to revoke.
Under the Actions drop-down box, click Revoke tokens.
Roles and access control
Each Astra user is assigned to a single role. The role is used to restrict access to the API calls. The defined roles include: