Skip to main content
Superblocks has several integration options that require access tokens or API keys:
  • Superblocks CLI - Source control your Superblocks tools and edit apps in code with the Superblocks command line interface.
  • Import and Export Actions - Sync changes back to Superblocks using GitHub Actions and GitLab Pipelines.
  • SCIM API - Manage Superblocks users and groups programmatically.
  • Embed Session API - Lets you request session tokens for embedded users to grant them access to your embedded applications.

Personal API key

The Superblocks CLI and CI actions require a personal API key for authorization. The operations you can perform is tied to your personal permissions within the Superblocks platform. To access your personal API key:
  1. Click your avatar in the upper-left corner of the home page and click Personal Settings
  2. On the left nav, click API Key
  3. Click the copy icon to copy your API key

API authentication

The SCIM and Embed Session API both require org-level access tokens. The set of operations the token can perform is based on the Token type set when creating the token.
  • Org Admin - used by the SCIM API and has permission to manage org settings, users, and groups
  • Embed - create and manage authenticated session tokens for Embedded Apps users

Creating an access token

  1. Click your avatar in the upper-left corner of the home page and click Organization Settings
  2. On the left nav, click Access Tokens
  3. Click +Create token
  4. In the Name field give your token a descriptive name
  5. Select an Expiration date, or use the default 90 day expiration.
  6. Set the Token type that you want
  7. Click Create

Deleting an access token

Deleting an access token removes it from your account. This is an irreversible action and a deleted token cannot be recovered. For this reason, we recommend creating a new access token and update anywhere you’re calling Superblocks APIs, before deleting the token.
  1. Click your avatar in the upper-left corner of the home page and click Organization Settings
  2. On the left nav, click Access Tokens
  3. In the table of access tokens, select Remove next to the token you’d like to delete
  4. Confirm in the browser alert