Skip to main content
Version: 1.7

Personal Access Tokens

You can use Personal Access Tokens instead of OAuth to authenticate with Okteto.

Personal Access Tokens are useful when scripting, or when configuring Preview Environments.

Creating a Personal Access Token

  1. Sign in to your Okteto account.
  2. Click on the Settings icon on the navigation bar at the left.
  3. Click on the New Token button.

    new token

  4. Give your token a descriptive name and click the Generate button.

    token name

  5. Copy the token to your clipboard. For security reasons, after you navigate off the page, you will not see the token again.

    copy token to clipboard

Warning: Treat your tokens like passwords and keep them secret. Always use tokens as environment variables instead of hardcoding them into your programs.

Token Expiration

Personal Access Tokens are valid for 180 days. When a token has expired, it can no longer be used to authenticate and for API requests. It is not possible to restore an expired, you will need to create a new token.

A banner will be displayed a week before your token expires to remind you of this. We recommend that you take the appropriate measures once you see this banner in order to prevent any potential disruptions.

tokens expiration banner

The state and expiration date of every token will be displayed in the UI.

tokens expiration banner

Using a Token on the Command Line

Once you have a token, you can use it to authenticate with the Okteto CLI instead of using your browser, as shown below:

$ okteto context use --token $YOUR_TOKEN

Personal Access Tokens can also be used when setting the OKTETO_TOKEN environment variable.

$ export OKTETO_TOKEN=xxxxxxx
$ okteto namespace create test-cindylopez

Revoking a Personal Access Token

  1. Sign in to your Okteto account.
  2. Click on the settings icon on the left tab.
  3. Click on the Delete button.

    delete a token

  4. Click on the Delete Token button to confirm that you want to delete your token.

    confirm token deletion

Once deleted, the token is automatically revoked, and it can't be recovered.