API Token Management
Looking to get started as quickly as possible?
View our Quickstart Guide ↗
LoanPro's Loan Management System (LMS) allows users to generate multiple API tokens per environment. Each token is associated with a user profile and adopts the access and role settings assigned to the user—providing the ability to grant granular access to specific API actions. In addition to access settings, LoanPro's token management tools help keep your API tokens organized and fresh by providing regeneration and labeling options.
Keep reading to learn more about token creation and management.
Token creation
Start by navigating to Settings > Company > API > Overview within your LoanPro environment. Next, enable API access if it hasn't been enabled already. Following that, complete the following steps to create a new API token:
The list of available agents when creating a new API key will be limited to the agent users who have logged in and signed the LoanPro usage agreement.
When selecting a user to associate with the token, keep in mind that the user's access settings extend to API usage. LoanPro's Role-Based Access feature grants users access to specific pages and buttons within the software. This extends to API usage as well by granting users access to specific endpoints and methods. For example, a Role might grant users access to only GET requests made to the /Loans and /Customers endpoints. To learn more about Role-Based Access, see Creating Agent User-based Access ↗
Created tokens are listed within the results of the API Overview page. Here's a breakdown of the information that describes each token:
| Column Name | Description |
|---|---|
| API Token | The authentication token used for API requests. |
| Username | The email address of the agent user associated with the token. |
| Title | An optional, customizable label that helps describe the token. This can be used to describe the purpose of the token, where it might be used in integrations, a description of its access, and more. |
| Role | The name of the role assigned to the agent user. |
Lastly, multiple tokens can be associated with a single user. However, creating multiple tokens for a single user is not recommended, as determining the origin of requests will become more difficult.
Token management
Once tokens are created, they can be managed via the API Overview page. Click the three-dot menu icon to manage an individual's API token.
The following management tools can be used to ensure tokens remain organized, secure, and fresh:
| Action | Description |
|---|---|
| Regenerate | Generates a new token for the same user. |
| Disable | Temporarily disables the token. Disabling a token will result in 401 Authentication Error responses. Tokens can be reenabled. |
| Delete | Deletes a token permanently. Proceed with caution—this action cannot be undone. |

