API Tokens

API tokens enable programmatic access to the Polysystems platform. Use them in CI/CD pipelines, MCP servers, CLI tools, and automated scripts.

Creating a Token

1
  • Navigate to Secrets → Tokens tab
    • 2
  • Click Create Token
    • 3
  • Enter a descriptive name (e.g., "CI/CD Pipeline")
    • 4
  • Select the required scopes
    • 5
  • Copy the generated token immediately
    • !Warning
    The token value is shown only once. If lost, you must revoke and create a new one.

    Token Format

    All tokens follow the format sk-poly-{random}. The raw value is SHA-256 hashed before server storage.

    Available Scopes

    ScopeDescription
    secrets:readRead vault contents and list secrets
    secrets:writeCreate, update, and delete secrets
    mcp:accessAccess secrets via MCP protocol
    agents:readRead agent configurations
    agents:writeCreate and deploy agents
    adminFull account access

    Revoking Tokens

    Click the revoke button next to any token. Revocation is immediate and irreversible. All in-flight requests using that token will fail with 401 Unauthorized.

    API: Revoke Token

    DELETE/api/secrets/tokens/:token_id
    PreviousEnvironment VariablesNextTeam Sharing