These tokens make accessing our API much simpler. However, they have some important caveats...
You'll need to be an account admin to access this page, and the access token will become invalidated if your user account is ever disabled or deleted.
Treat your access token like a password. Anyone who has it can access your tiny+ account.
A couple of really important points about how to use your access token.
Treat your access token like a password to your tiny+ account.
Only use these access tokens in server-side code.
These tokens should only ever be used in server-side code, such as in a PHP script.
Actions performed when using our API with this access token will be in the context of your user account.
It may be worthwhile creating a user account in tiny+ that belongs to the integration you are building.
The access token will stop working if your user acconut is disabled or deleted.
You will need another user to generate a new access token if your account is ever going to be deleted.
If you believe your access token has been compromised, you should go to crm.tiny.plus/account/api_access as soon as possible and revoke it, and generate a new one.