❗️

New API Token Format

Orbit has introduced a new API token format that makes the token more secure and verifiable.

All existing tokens will cease to function on November 30, 2021.

Please regenerate your API token in your account settings and update any applications or services with your new token before then.

Orbit uses API tokens to authorize access to the API. You can find your API tokens on the Account Settings page.

A screenshot of the API token in the Account Settings page.A screenshot of the API token in the Account Settings page.

A screenshot of the API token in the Account Settings page.

Bearer Token: include an Authorization: Bearer <your-api-key> HTTP header in your request (recommended)

To try out API requests right from your browser, you need to enter Bearer <your-api-token> inside the authorization prompt after clicking the "Try It" button on any API reference page. For example, try it with the List activities for a workspace API reference.

🚧

Do not forget to prefix your API token in the Authorization header or in the authentication menu with Bearer .

Clicking the padlock icon left of the “Try it” buttons opens up an authentication menuClicking the padlock icon left of the “Try it” buttons opens up an authentication menu

Clicking the padlock icon left of the “Try it” buttons opens up an authentication menu

Dedicated API user

When you create members, notes, and activities with your personal API token, the user who created the action displayed in the Orbit UI will be you. If you'd prefer that to be different, we recommend that you create a new Orbit account for an "API user" and use that user's API token. This isn't mandatory but makes sense in a team setting where you'd like your teammates to know if it was you who created the object vs. an integration or API call.