Admin Tokens
Admin tokens let automation call the AISIX Cloud control-plane API without a browser session.
They are intended for organization-level workflows such as CI pipelines, infrastructure automation, or internal tools that manage Cloud resources. They are not caller API keys for gateway traffic or upstream provider keys for model access.
An admin token belongs to one organization. AISIX Cloud uses that organization binding when it authenticates the request, so API calls do not need a separate organization header.
Create an Admin Token
Only organization owners can create or revoke admin tokens.
- Open Admin tokens.
- Select New token.
- Enter a unique name.
- Choose an expiration.
- Select one or more scopes.
- Create the token and copy the plaintext value before leaving the one-time view.
AISIX Cloud stores only a SHA-256 digest of the token. If you lose the plaintext value, revoke the token and create a replacement.
Choose Scopes
Admin token scopes control which API methods the token can use:
| Scope | Allows |
|---|---|
read | GET requests on Cloud API routes. |
write | POST, PATCH, and DELETE requests on Cloud API routes. |
Use read for inventory or reporting jobs. Use write only when automation needs to create, update, or delete Cloud resources.
Use an Admin Token
Send the token as a bearer token:
curl -sS "https://<your-cp-api-host>/api/environments" \
-H "Authorization: Bearer ${AISIX_ADMIN_TOKEN}"
Use the Cloud workflow docs for the route you are automating. For example, Members shows how to create a directly managed member for API key ownership.
Rotate or Revoke Tokens
Admin token plaintext is not recoverable after creation. To rotate a token, create a replacement token, update the automation that uses it, verify the automation succeeds, and then revoke the old token.
Revoking a token takes effect immediately. Any automation still using that token receives authentication errors until it is updated.
Next Steps
Continue with Members to add dashboard users or API key owners to an AISIX Cloud organization.