Skip to main content
All CollectionsDeveloper & API
Generating a PAT (Personal Access Token)
Generating a PAT (Personal Access Token)

This article outlines how to create a Personal Access Token.

Isobel Honour avatar
Written by Isobel Honour
Updated over a week ago

Before you can use an OData compatible reporting tool or integration, you need to authenticate yourself and then generate an authentication token for the third party application. That sounds pretty techy, but it's actually very simple...let us show you how!


  • You'll need to have CRM Admin rights in order to follow the steps in this article.

Step 1: Log in to your CRM

First of all, log into your CRM here.

Step 2: Go to My profile

Click on your user profile and select 'My Profile' from the drop-down.

Step 3: Create a Token

Navigate to the Tokens page on the left-hand side and click on the 'Create Token' button.ย 

Please Note: The Tokens page will only appear if you have Admin permissions.

Step 4: Creating PAT

Select the scope that you require. In this instance, you want access to the OData API.

Make sure you give it a useful name (Description) - one which you'll recognise when you look at the list in a month's time and wonder if you should or shouldn't revoke this token!

Step 5: Set an Expiry

Then, consider carefully the expiry date of the PAT. For security reasons, you don't want to create every PAT with an unlimited expiry, but if you plan to publish your Power BI, or other dashboards for your colleagues to access, then you probably don't want the PAT expiring as soon as you share it.

Renewing the PAT in a year might be the best compromise. Or, if you want minimal hassle and are confident about how this token is to be used, and so aren't too worried about the security implication, then select 'Never' expire. After all, you can return to this screen and revoke any PAT at any time, even if you initially set it to never expire.
Clicking 'Create' will generate your token. Don't forget to copy this token and keep it safe. Once you close the screen the token cannot be regenerated (although you can revoke it and generate a new one).

Finally, a note of caution - this PAT is like your credit card PIN. Never explicitly share it with anyone, as doing so would allow identity fraud within your organisation...other users who require PATs should generate their own, using their own credentials.

Did this answer your question?