Stax provides two types of credentials for authenticating to the Stax API: API Tokens and Session Credentials. The credentials serve different purposes and your use case will dictate which type of credentials you will use.
Overview
The below table provides a summary of API Tokens and Session Credentials.
| API Tokens | Session Credentials | |
|---|---|---|
| Description | Long-lived credentials you can create within Stax. Created by an administrator and can be assigned any role in Stax | Short-term credentials which are created as part of your Stax session. Mapped to an individual's Stax user credential and inherits their role |
| Use case | Designed for machines, such as automated build pipelines | Designed for humans, especially those who want to experiment and explore the Stax API on an ad-hoc basis |
| Usage | API Tokens can only be used with the Stax SDK for Python | Session Credentials can be used with a developer tool, such as Postman. They do not work with the Stax SDK for Python |
| Attributes |
|
|
| Accessibility | Accessed via the Customer Menu in the left-hand nav, under API Tokens | Accessed via the left-hand nav, under the Profile page |
| Validity | Does not expire, however, regular credential rotation is recommended | Expires after 60 min |