Personal Access Token

Creating a Personal Access Token

To use the DeepSource GraphQL API, you need to autenticate using a Personal Access Token. You can create a token from user settings, which can be accessed from the user menu on the dashboard.

On the settings page, navigate to the Tokens tab, there you'll find a prompt to generate a new token. The create token modal has two options, a name for the token and expiry. We strongly suggest you to set a token expiry and periodically rotate them.

Treat your tokens like passwords and keep them secret. When working with the API, use tokens as environment variables instead of hardcoding them into your programs. Enabling the Secrets analayzer on the services using these tokens would be a great idea.


Please note that services using your tokens will have the same privileges as you have across all owners.

Deleting tokens

From the token settings page, you can delete one or all access tokens. Once deleted, the token access will be revoked immediately and cannot be recovered.