Access tokens are key elements in integrating various Razuna applications or third-party apps to perform actions on behalf of your account. For instance, the Razuna web extension enables seamless file uploads with Collect+, or you can utilize platforms like Zapier to connect Razuna with over 8,000 other applications, thereby enhancing your workflow and productivity.
The Access Tokens can be found in your user profile, accessible through the user menu.
There are primarily two types of access tokens available: the simple token system and OAuth2, which is built on the widely recognized OAuth 2.0 authentication protocol. Additionally, Razuna supports API keys for authentication purposes. The choice between these options largely depends on the requirements set by the vendor of the application you are integrating with.
Simple Access Tokens
To create a new simple access token, click on the "Create a new access token" button in your Razuna dashboard. When prompted, provide a descriptive name for the token that helps identify its purpose or the specific application it is intended for. Be sure to copy the generated token immediately, as it is displayed only once for security reasons and cannot be retrieved later.
Importantly, simple access tokens do not have an expiration date. These tokens operate under your account, inheriting the same permissions as you, including access to all associated workspaces and folders. Therefore, it is crucial to safeguard your access tokens and share them only with the intended application. As a best practice, generate separate access tokens for each application you are integrating with to minimize security risks.
OAuth2 Access Tokens
When you enable the OAuth2 protocol for an application, Razuna functions as an authentication provider. In this setup, the external application generates temporary access tokens for user sessions, which are automatically renewed at regular intervals, thereby reducing the vulnerability associated with long-lived tokens. The OAuth 2.0 authentication system is highly recommended for applications that require elevated security due to the handling of sensitive data or extensive access controls.
Overall, selecting the appropriate authentication method is crucial for both security and functionality; therefore, consider your integration needs carefully when choosing between simple access tokens, OAuth 2.0, or API keys.