Token Management

A token (Token / API Key) is the credential your applications use to call the Tokaify API. In Token Management, you can create tokens and configure limits such as quotas, model access, IP allowlists, and expiration.

Create a Token

Sign in to the console and open Token Management.
Click Add Token.
Fill in the basic information:
- Token Name: choose a name based on usage, such as test, prod-app, or nextchat
- Group: select the appropriate business group from the available options
Configure any other restrictions you need, then save.

After creation, the token will appear in the list.

Configure Restrictions

When creating a token, you can add restrictions based on your use case.

Quota Limits

You can set a consumption cap for a single token to limit how much it can spend.

Common use cases:

Usage caps for test environments
Independent budgets for partners
Risk isolation for temporary projects

Model Restrictions

You can restrict a token to specific models so it cannot accidentally use models you do not want or higher-cost models.

Common use cases:

Fixed-model integrations
Separating access across different model capabilities
Isolating permissions by business use case

IP Restrictions

You can allow the token to be used only from specific IP addresses, which is especially useful for production services and fixed-server deployments.

Expiration Time

You can set an expiration date for demo, short-term, or temporary collaboration scenarios.

View the Secret and Copy Access Information

After creating a token, you can view and copy the information needed for integration.

Find the target token in the Token Management list.
Click View Full Secret to reveal the complete token.
Then choose the format you need:
- Copy Token: for code, scripts, or environment-variable based integrations
- Copy Connection String: for third-party clients or preset integration flows

If you are integrating your own application, you will usually use the full token together with the platform's API Address.

Enable, Disable, and Delete

You can maintain existing tokens directly from the list.

Enable / Disable

Use the switch to quickly enable or disable a token. This is useful for temporary suspension, risk control, or paused projects.

Delete

Delete a token when it is no longer needed.

Before deleting it, make sure the token is not still being used by any production service, script, or third-party client.

Recommendations

Create separate tokens by project, environment, or use case instead of sharing one credential across multiple systems
Add quotas or expiration dates for test and temporary tokens
Combine production tokens with IP restrictions whenever possible
Full secrets are not shown by default, so only reveal and copy them in a secure environment

FAQ

Why can't I see the full token in the list

The full secret usually needs to be revealed manually and is not displayed by default.

I created a token, but it still doesn't work

Check these items first:

Whether your account balance is sufficient
Whether the token is disabled
Whether the token is expired
Whether the current model is within the token's allowed scope
Whether the current source IP is blocked by IP restrictions

Should I copy the token or the connection string

If you are integrating your own code, use Copy Token. If you are integrating a third-party client, Copy Connection String is usually more convenient.