# Create and manage your API token

Application access tokens are created and managed in the Sesame Application. Due to the sensitivity of the information available from Sesame Data, token management is closely controlled. Within your Sesame Application, only users who are Account Administrators will be able to create and manage tokens. However, as this is an application token, any user with the token can make requests. 

{% hint style="info" %}
Note that if you are not an Account Administrator, ask the Account Admin of your Sesame account to generate and send you the token Username and Password.
{% endhint %}

## How to create an API Token

Once logged in to Sesame, in the `Sesame Data Experience`, Account Administrator users can generate a token from the `Destinations` menu: under `API` select `Tokens` and then `Create Token`.

The user is required to name the token and provide an expiration date. The field `Description` can be used to add more information about where the token is used. As Sesame has integrations to a growing list of partner software solutions, to assist in monitoring the usage of different tokens, the target software can be set from the list of available ones. 

For security, after saving the token, Account Administrators will be notified by email of the newly created token. Sesame will also automatically email the token creator when the token is two days away from expiration to allow time for a new token to be created, helping to avoid connectivity disruptions. 

To enhance security of their connections in the event a token is accidentally leaked, users can optionally utilise [ip-whitelisting](https://docs.landytech.com/sesame-data-v2/authentication/ip-whitelisting "mention").

<div data-full-width="false"><figure><img src="https://1520949674-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FLGr6a1Wcc9zB3XAdNNQu%2Fuploads%2F2R1MqrBEfw9RNjGtA2hy%2Fimage.png?alt=media&#x26;token=b1c0c11a-978c-4483-a2bd-413bd83cacd7" alt="" width="375"><figcaption></figcaption></figure></div>

## Reviewing, revoking and managing existing tokens

Post creation of a token, users can later retrieve the token password and username by selecting the `Edit` option.  Users can also manage the name, description and whitelisted IPs. Users can revoke tokens that they no longer require. Revoked tokens stop working immediately.

<figure><img src="https://1520949674-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FLGr6a1Wcc9zB3XAdNNQu%2Fuploads%2FUcebcA6WiOODTF2LOmUj%2Fimage.png?alt=media&#x26;token=8ff42723-0211-4fdf-be1e-6ebacb5e0988" alt="" width="375"><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.landytech.com/sesame-data-v2/authentication/create-and-manage-your-api-token.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.