Dernière mise à jour: 2 juillet 2025

Manage service user API tokens

Learn how to create, revoke, delete, and regenerate service user API tokens to securely connect external systems via the web app.

What are the differences between service user and user API tokens?

Service user and user API tokens offer flexible ways to connect external tools to SafetyCulture.

Service user API tokens are best suited for long-term or shared integrations where access should stay the same regardless of user changes. You can set their permissions, which makes them ideal for stable, system-level connections.
User API tokens are suitable for one-off tasks, personal workflows, or scenarios where access needs to reflect a specific user's permissions or group and site memberships.

Choosing the correct token type ensures your integration runs smoothly while matching your organization's security and access needs.

Functionality	Service user API token	User API token
Ownership	Created for a service user (system-based or integration-focused)	Created by an individual user
Login	Cannot be used to log in	Can be used to log in
Permissions	Assigned for each service user	Inherits the user’s permission set
Group and site access control	Not supported	Inherits access from the user
Integrations	Designed for long-term or shared integrations	Suited for short-term or personal use
Token stability	Not affected by user changes	Will expire if user is deactivated or exits the organization
Activity logs	Shows the service user name	Shows the individual user’s name
Visibility	Not shown in the user list	Visible in user settings
Billing	Does not count toward seat billing	Counts toward assigned user seat

Each user can create up to 10 active user API tokens. Whereas, each organization can have up to 20 active service user tokens.

If you belong to multiple organizations, you need to create separate API tokens for your integrations. This applies to both service user and user API tokens.

Vous aurez besoin

If you're using a service user API token for SCIM provisioning, the service user must have both Autorisation « Gestion de la plateforme : utilisateurs » and Autorisation « Gestion de la plateforme : Groupes ».

Create a service user API token

Log in to the web app.
Click your organization name on the lower-left corner of the page and select Intégrations.
Select Jetons API from the tab at the top of the page.
Click Create API token on the upper-right of the page.
Complete the following details:
- Enter a name for the service user API token to describe its purpose.
- Choose how long the token remains active before it expires due to inactivity. You can select 31, 45 (default), 60, or 180 days.
- Select the permission sets for the service user. All permissions are selected by default.
Click Create token on the lower-right of the page.
In the pop-up window, click the service user API token to copy it. Save the token securely before closing the window.

Edit a service user API token

Log in to the web app.
Click your organization name on the lower-left corner of the page and select Intégrations.
Select Jetons API from the tab at the top of the page.
Click the active service user API token you want to edit.
Click on the upper-left of the page to change the token name.
On the left-hand side of the page, click Modifier to change how long the token remains active before it expires due to inactivity. You can select 31, 45 (default), 60, or 180 days.
On the right-hand side of the page, click Modifier to update the service user's permission sets.
Click Enregistrer les modifications.

View service user API tokens list

Log in to the web app.
Click your organization name on the lower-left corner of the page and select Intégrations.
Select Jetons API from the tab at the top of the page.
Under Service user API tokens, view the list of tokens.

Revoke a service user API token

Log in to the web app.
Click your organization name on the lower-left corner of the page and select Intégrations.
Select Jetons API from the tab at the top of the page.
Under Service user API tokens, click Annuler next to the token.
In the pop-up window, click Annuler.

Regenerate a revoked service user token

Log in to the web app.
Click your organization name on the lower-left corner of the page and select Intégrations.
Select Jetons API from the tab at the top of the page.
Under Service user API tokens, click Regenerate next to the revoked token.
In the pop-up window, click Confirmer.
Click the service user API token to copy it. Save the token securely before closing the window.

Delete a revoked service user token

Log in to the web app.
Click your organization name on the lower-left corner of the page and select Intégrations.
Select Jetons API from the tab at the top of the page.
Click next to the revoked service API token.
Select Supprimer.
In the pop-up window, click Supprimer.

FAQ

It depends on how your integration is set up.

For custom-built integrations (such as Workato, scripts, or direct API calls using a service user or user API token): Yes. Regenerating the token will break the integration until the replacement token is manually updated in your integration settings.
For built-in SafetyCulture integrations (such as Power BI, Microsoft Teams, or SharePoint): No. These integrations use system-managed tokens, so revoking or regenerating your API tokens will not affect them.

Besoin d'aide supplémentaire?

Nous contacter

Demander à la communauté

Cette page vous a-t-elle été utile?

Merci pour votre commentaire.

Si vous souhaitez obtenir une réponse de notre part, veuillez nous contacter à l'adresse suivante :support@safetyculture.com.

Dans cet article

Articles pertinents

Qu'est-ce qu'un ensemble d'autorisations ?

Découvrez comment utiliser les ensembles d'autorisations pour gérer ce que vos équipes peuvent faire ou non dans votre organisation SafetyCulture.

Générer des jetons API

Comment générer des jetons API obligatoires pour les intégrations avec SafetyCulture ?

Débuter avec les intégrations

Découvrez les principales façons d'intégrer avec SafetyCulture.