# API Tokens

Personal Access Tokens for programmatic access to your Korey workspace.

API tokens let scripts, CI jobs, and other tools talk to the Korey API on your behalf. Each token belongs to a single user and carries the scopes you choose.

## Create a token

1. Open **Settings → Profile → API Tokens**.
2. Click **Create token** in the top right.
3. Fill in the form:
   - **Name** — a label so future-you remembers what it's for (e.g. "CI pipeline", "local script").
   - **Scopes** — the permissions this token will carry. Defaults to all available scopes; check the boxes for the minimum set the consuming tool needs.
   - **Expiry** — pick 1 day, 7 days, 30 days, or **Never**.
4. Click **Create**. The raw token appears once in a dialog with a copy button.

  The token is shown one time only. After you close the dialog Korey stores a one-way hash, so the value can't be retrieved later. If you lose it, revoke it and create a new one.