Toshl Developer

Personal tokens

Developers can now create personal tokens to test drive the API.

  1. Visit apps page.
  2. Enter description and password.
  3. Save the generated personal token and treat it as you would any other password.
  4. Use the personal token as the username part of your Basic auth call as per documentation.

The personal token is locked to work only with your current user account (hence the personal moniker).

The full personal token is exposed only once - on creation. After that only part of the token will remain visible for security reasons. So this is one more reason to keep the token tucked away in a safe place. The tokens are set to never expire (or better: expire after a long long time). When you are done with testing the API you can delete the personal token on the apps page.

We are still working on properly opening up the API to 3rd party developers later on (with full OAuth2 support), but for now you can at least test drive the API.

If you find any issues or would just like to drop us a line about the cool integration you are working on, please send us an email to api (at)