Simple access token

Building an integration just for your company?

Are you building an integration to only access your own tiny+ data?

Rather than registering for a Client App, you can get a simple long-life access token by visiting

These tokens make accessing our API much simpler. However, they have some important caveats...

You'll need to be an account admin to access this page, and the access token will become invalidated if your user account is ever disabled or deleted.

Important considerations...

Treat your access token like a password. Anyone who has it can access your tiny+ account.

A couple of really important points about how to use your access token.

  1. Treat your access token like a password to your tiny+ account. This means that you should NEVER include it in a public Git repository, or in the Javascript code of a website you build.

  2. Only use these access tokens in server-side code. These tokens should only ever be used in server-side code, such as in a PHP script.

  3. Actions performed when using our API with this access token will be in the context of your user account. It may be worthwhile creating a user account in tiny+ that belongs to the integration you are building.

  4. The access token will stop working if your user acconut is disabled or deleted. You will need another user to generate a new access token if your account is ever going to be deleted.

If you believe your access token has been compromised, you should go to as soon as possible and revoke it, and generate a new one.

Last updated