Modifying an Access Token

You can modify access tokens. For example, you can extend the access token after it expires or change the scope.

For Administrators

An administrator can modify access tokens that are associated with a service account and a user account.

Before You Begin

To modify an access token for a user, you must have one of the following permissions:

• Add, delete and modify a user

• Administrative Management

Procedure

1. From the Command Center navigation pane, go to Manage > Security.

   The Security page appears.

2. Click the Users tile.

   The Users page appears.

3. Do any one of the following:

   • To modify the access token associated with the service account, click the service account username.

   • To modify the access token associated with the user account, click the user account username.

     The user page appears.

4. On the Access tokens tab, in the row for the access token, click the action button , and then click Edit.

   The Edit token dialog box appears.

5. Modify the Name, Expires or Renewable until time, and Scope.

   Note

   • You can change the scope only between All, Custom, and Hyperscale access tokens. For Microsoft SCIM and 1-Touch recovery access tokens, you cannot change the scope.

   • The Renewable until box appears only for All, Custom, and Hyperscale access tokens. And, the Expires box only appears for Microsoft SCIM and 1-Touch recovery access tokens.

6. To control from which IP addresses the service account must be used to execute REST APIs, do the following:

   1. Go to the IP allowlist section, click Edit.

      The Edit IP allowlist dialog box appears.

   2. Enter the IP addresses or CIDR range. You can enter the IP address in IPv4 or IPv6 format.

   3. Click Save.

7. Click Save.

For End Users

You can modify access tokens that are associated only with your user account.

Procedure

1. In the upper-right corner of the Command Center window, click your username, and then select Profile.

   The profile page appears.

2. On the Access tokens tab, in the row for the access token, click the action button , and then click Edit.

   The Edit token dialog box appears.

3. Modify the Name, Expires or Renewable until time, and Scope.

   Note

   • You can change the scope only between All, Custom, and Hyperscale access tokens. For Microsoft SCIM and 1-Touch recovery access tokens, you cannot change the scope.

   • The Renewable until box appears only for All Custom, and Hyperscale access tokens. And, the Expires box only appears for Microsoft SCIM and 1-Touch recovery access tokens.

4. To control from which IP addresses your access token must be allowed to execute REST APIs, do the following:

   1. Go to the IP allowlist section, click Edit.

      The Edit IP allowlist dialog box appears.

   2. Enter the IP addresses or CIDR range. You can enter the IP address in IPv4 or IPv6 format.

   3. Click Save.

5. Click Save.