🚨 This documentation is out of date.
View our New Documentation!
Open Collective Docs
Go back to Open Collective
  • Welcome
  • About
    • Introduction
    • Documentation
    • Terminology
    • Company
    • Pricing
    • Team
    • The Open Collective Way
      • Mission and Values
      • Community Guidelines
    • Hiring
    • Investors
    • Contributing
    • Refund Policy
    • Contact Us
  • Product
    • Features
    • Roadmap
    • Comparison
    • User Profile
    • Dashboard
      • Preview Features
    • Currencies
    • Log-in System
    • Privacy Policy
    • Moderation
    • Security
    • Ledger
      • Individual Transactions
      • Transaction Pairs, Groups & Perspectives
      • Viewing Transactions
      • Exporting Transactions
      • Fiscal Host Ledger Perspective
      • Contributions in the Ledger
      • Added Funds in the Ledger
      • Expenses in the Ledger
      • Ledger Changelog
    • Notifications
    • Two-factor Authentication
    • Activity Log
  • Collectives
    • Collectives FAQ
    • Creating a Collective
    • Quick Start Guide
    • Collective Settings
      • Customize Collective
      • Team
      • Collective Goals & Tiers
      • Expense Policy
      • Data Export
      • Security
      • Integrations
      • Zero Collective Balance
      • Closing a Collective
    • Add Fiscal Host
    • Change Fiscal Host
    • Open Source Collectives
      • Setting up GitHub Sponsors
    • Transparent Budget
    • Expenses
    • Updates & Comms
    • Custom Email
    • Moderation
    • Conversations
    • Events
    • Projects
    • Funding Options
    • Buttons & Banners
    • Connected Collectives
    • Contribution flow
  • Financial Contributors
    • Financial Contributors FAQ
    • Guest contributions
    • Payments
    • Platform Tips
    • Website Badge
    • Receipts
    • Collective to Collective
    • Organizations
      • Organization FAQ
      • Funds
      • Bulk Transfers
      • Gift Cards
      • Sustainer Resources
  • Expenses & Getting Paid
    • Expenses FAQ
    • Submitting Expenses
      • Inviting a third-party to submit an Expense
    • Expense Comments
    • Edit or Download an Expense
    • Receiving payment through Payoneer or Wise
    • Tax Information
  • Fiscal Hosts
    • Fiscal Hosts FAQ
    • Becoming a Fiscal Host
    • Creating a Fiscal Host
    • Organisation Settings
      • Info
      • Customize Profile Page
      • Connect external accounts
      • Accounting Categories
      • Security
      • Manage updates
      • Policies
    • Fiscal Host Dashboard
      • Expenses
      • Financial contributions
      • Pending applications
      • Hosted Collectives
      • Vendors
      • Transaction Report
        • Reports
    • Receiving Money
      • Bank Transfers
      • Credit Card
      • Add Funds Manually
      • Expected Funds
    • Payouts
      • Virtual Card Settings
      • Payouts with PayPal
      • Payouts with Wise
      • Two-factor authentication for payouts
      • Refunds
    • Host Fees
    • Local Tax Support
    • Agreement Templates
  • Independent Collectives
    • About Independent Collectives
    • Create an Independent Collective
      • Migrate from Self-Hosted to Independent Collective
      • Migrate from a Fiscal Host to Independent Collective
    • Independent Collective Setup
    • Independent Collective Management
      • Money coming in: Contributions
      • Money going out: Expenses
    • Close an Independent Collective
  • Contributing
    • Design
      • Design Workflow
      • Design Contribution Guidelines
    • Development
      • Contribution Guide
      • Best Practice Guidelines
      • Bounties
      • Architecture
      • API
        • Members
        • Collectives
        • Events
      • README Integration
      • PayPal
      • TransferWise
      • Post-Donation Redirect
      • Manual Reporting
      • GitHub Permissions
      • Internationalization (i18n) system
      • Testing with Cypress
      • Testing features
        • Conversations
      • Collective's locations
      • Virtual Cards
    • Documentation
      • Resources for documentarians
      • Style guide
      • Suggesting changes
    • Translation
  • Developers
    • OAuth
    • Personal Tokens
Powered by GitBook

Helpful Links

  • Website
  • Blog
  • Contact
  • Slack

â’¸ Open Collective 2024

On this page

Was this helpful?

Edit on GitHub
Export as PDF
  1. Developers

Personal Tokens

PreviousOAuth

Last updated 1 year ago

Was this helpful?

Personal Tokens

Personal tokens are used to authenticate with the Open Collective API. They are not tied to a specific application and can be used for various purposes, such as automating tasks or integrating with other services. To use a personal token, you can pass it as a Personal-Token HTTP header or as a personalToken query parameter in the URL.

If your goal is to have other users authenticating with your app/script, you should look into rather than personal tokens.

Creating Personal Tokens

To create a personal token, follow these steps:

  1. Go to your Open Collective account workspace.

  2. Navigate to the "For developers" section.

  3. Click on the "Create Personal Token" button.

  4. Enter a name for your personal token and select the scopes you want it to have.

  5. Optionally tick the checkbox for "Advanced privileges" if you want your token to be able to call queries and mutations that require 2FA (see ).

  6. Optionally set an expiration date.

  7. Click on the "Create token" button.

Everything you set here can be later changed from the token settings page.

Using Personal Tokens

Once you have created a personal token, you can use it to authenticate with the Open Collective API. To do this, you can pass the token as a Personal-Token HTTP header or as a personalToken query parameter in the URL. For example, the following URL would use the personal token "my-token" to make a GET request to the /graphql endpoint:

https://api.opencollective.com/graphql/v2?personalToken=my-token

Scopes

Advanced privileges

The "Allow this token to directly use operations that would normally require 2FA" checkbox allows you to grant your personal token the ability to perform certain actions that would normally require two-factor authentication (2FA). This can be useful for automating tasks that require access to sensitive data, such as processing expenses. However, it is important to note that granting this privilege increases the security risk if your personal token is compromised.

Use cases for personal tokens

Personal tokens can be used for a variety of purposes, including:

  • Automating tasks such as creating expenses, managing memberships, or issuing payouts.

  • Integrating with other services such as accounting software or project management tools.

  • Developing custom tools and integrations for Open Collective.

Personal tokens support the same scopes as OAuth apps. Scopes determine what actions a personal token can perform. You can find a complete list of scopes in the.

OAuth documentation
OAuth
Create personal token modal