Black Duck user access (API) tokens can be used instead of a username and password, or to authenticate to the API over basic authentication.  After your token is generated, a message displays and shows your token.  For security reasons, this is the only time your token is presented to you.  Synopsys recommends that you save the token in a text file.  You also have the option to regenerate a new token with the same name and description at any time.

Many of the Integrations products require the use of an API token when configuring the product, and the token may also be used for your login credentials. 

Use the following process to generate your API token.

Generating an API token

1. Log in into a Black Duck instance.
2. Click the User Menu.
3. Click My Profile.  Near the center of the My Profile page is an option to create a user access token.
4. Type your name in the Name field.
5. Optional: in the Description field, you can type a description or definition.
6. Select Read Access and/or Write Access.
7. Click Generate. The API token displays in a pop-up window. For security reasons, this is the only time your user API token displays. Please save this token. If the token is lost, you must regenerate it.
8. In the pop-up, click Copy to copy the token to your clipboard.  From here, you can paste your API token into a text file to save it.
9. Configure the plugin with your blackduck url and the API token you just generated.