Generate a token

Goal

Generate a temporary authentication token to authorize an embedded dashboard or the AI assistant in a development environment.

Prerequisites

• A Toucan AI account with active access.

• A valid API key.

• Access to the platform's security and embed settings.

Steps

1. Access embed settings

• Click on the Settings button in the main menu.

• Select the Embed & access tab to access the token management interface.

2. Configure authorized origins

• Navigate to the Authorized Origins section.

• Define the specific URLs (domains) where Toucan AI components are permitted to render.

• Toucan AI will reject requests and tokens used on domains not listed in this section.

3. Define token attributes

• Review the Token Attributes section to see default identity fields like distinctId and role.

• Add any custom attributes (e.g., location, department) required to test Row-Level Security (RLS) filters.

4. Generate a sandbox token

• Scroll to the Token Generation Sandbox section.

• Paste your API key into the designated field.

• Click Generate Token to create a signed credential.

• Validity: By default, sandbox tokens remain valid for 1 hour.

5. Verify and inspect

• Copy the generated token for use in your embed code.

• Token Introspection: If you need to verify the payload, use the Token Introspection section to view the encoded attributes and expiration timestamp.

Token functionality

The generated token facilitates the following during an embedded session:

• Secure Handshake: Authenticates the component without exposing your master API key.

• Data Scoping: Automatically applies RLS rules based on the attributes contained in the token payload.

Conclusion

You have generated a temporary token for testing purposes. While this sandbox token is suitable for development, production environments require your backend to generate these tokens dynamically via the API.

Suggested Next Step: How-to: Embed a dashboard or How-to: Configure Row-Level Security (RLS)