API / Creating an Authorization Token

Using Silverbucket Customer API requires authentication with a token. Token's can be managed by Silverbucket Administrators from Silverbucket's Admin view.

Setting up an API user

Authorization tokens can be created to any user in Silverbucket. We recommend creating a specific user for which the token is used when calling API's. Suggested details for API user:
  • Username: api.user
  • First name: user
  • Last name: API
  • Full access rights: true
  • Admin rights: true

Saving user's ID for testing

If you plan to test your token with the instructions later on in this topic, please record the newly created user's Silverbucket's internal ID. It can be found from the URL of the new API user's Dashboard. URL of the API user's Dashboard is
When the API user is later on in these instructions hidden, there is no easy way to access the User's Dashboard and retrieve this information.

Token management

Only administrators can manage authorization tokens. To access Token management view:
  • Select ellipsis icon from the top navigation bar
  • From the context menu select Admin
  • From the Admin view select System settings tab
  • From the System settings select Token management
To create a token:
  • Press Create token button
  • From the Create token dialog select the API user
  • Press Create
  • In the upcoming dialog you can see the token. Make sure to copy it from this dialog as it won't be listed anywhere else after this.
New token is now generated and the person it was created for can be seen in the list.

Hiding API user

API user should be hidden from the general Silverbucket views. This can be done from the Administrator view's Users tab:
  • Select Users tab from the Admin view
  • Type api.user to Free text search field
  • Press Update report button
  • From the result list select API user's Edit link
  • Scroll down the Edit user dialog and set Stealth: true
  • Press Save button
Now this user is hidden from the most of the Silverbucket's views and will not confuse normal resourcing usage.

Testing the token

Now that you have the token and ID for the API user, you can test the token. You should be able to make call to the users endpoint with the URL:
Response should look like
    "count": 1,
    "csvUrl": "/customer-api/1.0/users/?user.id=5319&csv=true",
    "itemsPerPage": 500,
    "excelUrl": "/customer-api/1.0/users/?user.id=5319&excel=true",
    "next": null,
    "current": 1,
    "lastPage": 1,
    "data": [
            "id": 5319,
            "last_login": null,
            "username": "api.user",
            "first_name": "user",
            "last_name": "API",
            "email": "",
            "is_superuser": true,
            "is_staff": true,
            "is_contractuser": false,
            "is_mainuser": false,
            "is_active": true,
            "date_joined": "2019-08-14T12:44:51.386273",
            "startdate": "2019-08-14",
            "enddate": null,
            "dayload": "8.00",
            "language": "en",
            "is_external": false,
            "is_stealth": true,
            "cost_price": null,
            "hourly_rate": null,
            "external_id": null,
            "capacity": "100.00",
            "is_future_talent": false,
            "node": null,
            "country": null,
            "site": null,
            "cost_center": null,
            "default_role": 1,
            "supervisor": null,
            "calendar": null,
            "currency": 1
    "previous": null
How did we do with this article?