API Tokens

Your program’s administrative users can generate and manage API tokens to experiment with or use the HackerOne API. The API token identifier and value are used as the username and password for HTTP Basic authentication.

To generate an API token:

  1. Go to Organization Settings > API Tokens.

api-token-1

  1. Click Create API Token.

  2. Enter an identifier for the new API token.

api-token-2

  1. Select the programs and groups you want to add this token to. When no groups are selected, they only have read-only permissions. The default groups you can choose from are:
Option Details
Standard This group has Report and Reward permissions.
Admin This group has Admin and Program permissions.

If your program has more groups, you can choose from those groups as well.

  1. Click Create API token

  2. Store the generated API token.

  3. Click I have stored the API Token.

api-token-3

Once you've generated your API token, you'll receive a confirmation email stating that you’ve created a new API token. To learn more about the HackerOne API, check out our API docs.