# Using the API

### Get your API Token

To use the API, you must get your personal API token. A token belongs to a user, and all user-rights (or limits) are applied to each transaction executed with the token.

From the settings menu in the top-right corner, select "API Token". Generate a new token. The token is displayed only once. If you lose the token, it can't be recovered. So store the token in a safe place.

![API Token generation](https://1574570054-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MekeI9EovpQqbUTQSdM%2Fuploads%2FzKI4wogTZSUZNrgZv6kR%2Fapi-token.png?alt=media\&token=75a36d5c-b959-424b-899a-e196422b8f20)

{% hint style="info" %}
If you have command and/or scripts enabled on your clients, the API token can become very powerful. 🔥Taking full control over one or all clients might be possible with an API token. 

* Store the token safely. 
* Never communicate with the API without encryption (HTTPs). 
* Delete tokens that are not used anymore.
  {% endhint %}

### Test the token

The **base URL** of the API is `https://<server-domain>/api/v1`. You must use **HTTP basic authentication** using your username and the API token as password.

Test the API connection by fetching the server status. Example:

```
curl -u john:740df110-8b06-4071-90c1-13645a023a85 \
https://example.users.rport.io/api/v1/status
```

### Full API documentation

You can read the API documentation online [here](https://apidoc.rport.io).&#x20;