Document toolboxDocument toolbox

Personal Access Token based authentication

Owned by Sarabjeet Kaur
Feb 08, 2024
3 min read

Applies to: Kyvos Enterprise  Kyvos Cloud (SaaS on AWS) Kyvos AWS Marketplace

Kyvos Azure Marketplace   Kyvos GCP Marketplace Kyvos Single Node Installation (Kyvos SNI)

There may be conditions when you need to share your Kyvos environment with other users, such as if you want a colleague to help you with your analysis or designing, or any other tasks. However, in most organizations, the Kyvos application is integrated with the LDAP directory for single-sign-on, and hence sharing your credentials could lead to a major security breach.

For all such cases, Kyvos allows you to generate Personal Access Tokens to enable other users to access your Kyvos environment without sharing your LDAP credentials.

Note

By default, this feature is enabled. However, you can disable it using the ENABLE_PAT property in olapengine.properties file.

Using this Personal Access Token, another user can use your username for signing into the Kyvos Web portal and enter the personal token instead of your password. They can access all the features and functionalities, including access to REST APIs and connection to the BI tools, to which you have permissions. All the actions performed by this user will be logged as events in your username.

Note

Users signed in through personal access tokens do not have access to token management. This means they cannot generate, edit, or revoke the tokens.

To generate a personal access token, perform the following steps. 

  1. Click the person icon on the home page.

  2. Click Security > Personal Access Token.

  3. Click Generate Token.

  4. Add a description for the token, and select the date and time to configure the validity of the token.

  5. Click Generate. The token is generated and displayed on the screen.

Warning

You MUST copy the token and save it at a secure location. This is your only chance to save the token, as Kyvos does not maintain it in the repository. You are responsible for maintaining the security and confidentiality of this token.

 

To revoke a personal access token, perform the following steps. 

  1. Click the person icon on the home page.

  2. Click Security > Personal Access Token.

  3. From the list of displayed tokens, right-click the token and select the Revoke option.
    The token will be removed from the list.

To revoke or edit a personal access token, perform the following steps. 

  1. Click the person icon on the home page.

  2. Click Security > Personal Access Token.

  3. From the list of displayed tokens, right-click the token and select the Edit option.

  4. Change the validity of the token, and click Update.

Copyright Kyvos, Inc. All rights reserved.