Welcome Edit the Doc Site Hacker Success Guide Create an Account Password Best Practices Private vs Public Programs Reputation Signal and Impact Hacker Dashboard Opportunity Discovery Badges Thanks Payments Payout Preferences Tax Forms External Payments Verification Letters Payments FAQs ID Verification External Services Hack The Box Following Notifications Background Checks Hacker Email Alias Sessions Calendar Device Registration Two-Factor Authentication Invalid OTP Code Api Token Hacktivity Directory Create a Directory Page Leaderboards 90 Day Leaderboard Hacker101 Retesting Collaboration Credentials CVE & CWE Discovery Security Checks Publishing External Vulnerabilities Misconduct Hacker Mediation Disclosure Assistance HackerOne Gateway Installing the VPN Root CA Configuring OpenVPN Clients Gateway V2 Installing the VPN Root CA Installing the WARP Client Connecting to a program Invitations Decline Invites and Leave Programs HackerOne Clear Submitting Reports Claiming Reports Restricted from Submissions Report Actions Report States Report Components Quality Reports Using Markdown HackerOne on Your Reports Weakness Types of Weaknesses Severity Disclosure Keyboard Shortcuts Pentest Overview Retesting Pentest API Token You can generate an API token to experiment with or use the HackerOne API. The API token identifier and value are used as the username and password for HTTP Basic authentication
Generating a personal API token
In order to generate a personal access token, please follow these steps:
Sign in to your HackerOne account
Visit the API Token page in your account settings
Click Generate API Token to generate a new token (This will revoke any previously generated token)
The token will only be shown once, so make sure to store it well
Revoking your API token
In order to revoke a token, you can do one of the following:
Generate a new API token
Revoke the token by clicking click here on the API Token settings page