App tokens for accessing PowerShell Universal APIs.
PowerShell Universal app tokens can be used with both custom API endpoints and the management API. The management API uses the standard Administrator, Operator and Reader roles. The custom API app tokens can utilize custom roles as well as the built in ones.
You can grant App Tokens to using the Admin Console or you can use the Management API directly.
Admin Console
To grant a token in the Admin Console, navigate to Settings Security AppTokens. Click the Grant App Token button to grant an App Token for the current user.
When you click Grant App Token, you will be provided with a dialog that allows you to specify the Identity, Role and expiration time of the token.
Management API
You can also grant app tokens to users from the management API. To grant an App Token programmatically using the API, you can do the following.
Administrators can grant app tokens to any user by specifying the user's identity ID. In order to grant an app token to an identity via the REST API, the user needs to have a defined role. The user is defined with the Operator role and thus their App Token will be granted access based on that role.