Skip to content
Storyblok Documentation Docs

Access Tokens

Storyblok offers a rich set of APIs and services for delivering and managing content and assets. Tokens protect access to these services.

Read-only access tokens

Section titled “Read-only access tokens”

Use read-only access tokens to view the content and assets of a specific space. To manage per-space tokens and generate new ones, select the space and open SettingsAccess Tokens.

The following types of tokens are available:

  • Public: Access published content using the Content Delivery API. Use this token in production frontends.
  • Preview: Access draft and published content using the Content Delivery API. Use this token in the Visual Editor or staging environments.
  • Asset: Access private assets using the Content Delivery API.
  • Release: Access content associated with a specific release. Requires the Releases app.
  • Theme: Access a theme for use by the Storyblok rendering service (deprecated).

The following example uses the JavaScript SDK to fetch published stories via the Content Delivery API:

import { apiPlugin, storyblokInit } from '@storyblok/js';


const { storyblokApi } = storyblokInit({
  accessToken: 'YOUR_ACCESS_TOKEN',
  use: [apiPlugin],
});


// Use a public or preview access token
const { data } = await storyblokApi.get('cdn/stories', {
  version: 'published',
});

Read-write access tokens

Section titled “Read-write access tokens”

Use read-write access tokens to perform CRUD (create, read, update, delete) operations via the Management API.

Personal access token

Section titled “Personal access token”

Th personal access token is account-specific. To manage existing tokens or generate new ones, open your Account settings: My accountAccount settingsPersonal access tokens.

By default, a new personal access token grants access to all spaces that you own. Learn more about space ownership in the roles user manual. Alternatively, specify one or multiple spaces that the token should grant access to.

Set individual read and/or write permissions for the following scopes:

  • Asset folders
  • Assets
  • Collaborators
  • Comments
  • Components
  • Datasource entries
  • Datasources
  • Releases
  • Spaces
  • Statistics
  • Stories
  • Tags
  • Users
  • Webhooks

Select at least one scope. Alternatively, click Select all scopes to enable read and write permissions for all scopes.

As an additional layer of security, set an expiration date for the token and generate a new token once the date has passed..

Once configured, click Generate Token. The generated token will only be shown once. Copy the token and store it securely. Upon generation, eligible spaces and scopes can be reviewed, but not changed.

OAuth access token

Section titled “OAuth access token”

An OAuth Access Token is obtained via the OAuth2 authentication flow and is tied to a single space. It has a time-to-live (TTL) and is used for authenticating third-party apps or integrations. Permissions (scopes) such as read_content and write_content are granted during the OAuth process.

Learn more about obtaining an OAuth access token in the OAuth 2.0 Authorization Flow.

Examples

Section titled “ Examples”
Personal access token
curl -H "Authorization: YOUR_PERSONAL_ACCESS_TOKEN" https://mapi.storyblok.com/
OAuth access token
curl -H "Authorization: Bearer YOUR_OAUTH_ACCESS_TOKEN" https://mapi.storyblok.com/

Further resources

Section titled “Further resources”

Was this page helpful?

What went wrong?

This site uses reCAPTCHA and Google's Privacy Policy (opens in a new window) . Terms of Service (opens in a new window) apply.

Get in touch with the Storyblok community

DiscordGitHubYouTubeBlueSkyX.comLinkedIn