Access Tokens

Storyblok offers a rich set of APIs and services for delivering and managing content and assets. Tokens protect access to these services.

Read-only access tokens

Read-only access tokens allow you to read the content and assets in one specific space. In a space, navigate to Settings > Access Tokens to manage all of its tokens. The following types of tokens are available:

• Public: Access published content using the Content Delivery API.
• Preview: Access draft and published content using the Content Delivery API.
• Asset: Access private assets using the Content Delivery API. Read more about private assets and how to use them in your website in the assets concept.
• Theme: Access a theme for use by the Storyblok rendering service. The Storyblok rendering service is now deprecated.
• Release: Access content associated with a specific release. Requires the Releases App.

Below is an example using the @storyblok/js SDK to fetch content from the Content Delivery API:

import { storyblokInit, apiPlugin } from "@storyblok/js";

/* use a public or preview access token */
const { storyblokApi } = storyblokInit({
  accessToken: "YOUR_ACCESS_TOKEN",
  use: [apiPlugin],
});

const { data } = await storyblokApi.get("cdn/stories", { version: "draft" });

Note

Learn more in the Content Delivery API authentication section.

Read-write access tokens

Use these tokens to perform CRUD operations via the Management API.

Personal access token

This token is account-specific and can be generated in the account settings (My account > Account settings > Personal access tokens).

Tip

When creating a new access token, you can set an expiration date. This can help prevent unauthorized access to your Storyblok account.

OAuth access token

This token is obtained via the OAuth2 authentication flow and is tied to a single space.

Note

Learn more about personal and OAuth tokens in the Management API authentication section.