New Podcast
Managing Traffic During Peak Demand; Plus, Microsoft, Akamai Outages
All Products

Multi-factor Authentication for API Token Generation

To enhance the security of user API tokens, ThousandEyes introduced MFA via Email in the token generation, removal, and regeneration workflow.

Innovation Overview

Security is at the core of ThousandEyes, and with the latest updates, we are introducing a significant enhancement to the security of user API tokens. Now, whenever users need to create, remove, or regenerate basic tokens or OAuth bearer tokens, they must enter the multi-factor authentication (MFA) code sent to their email. 

Feature Highlights:

  • Secured Token Management: Only a legitimate user who has access to their user email can generate a Basic or OAuth Bearer token 

Customer Benefits:

  • Start Monitoring Instantly: Block unauthorized access by entities that IDP provisions without an email address

Here are the quick steps to generate a User API Token:

  1. Go to Account Settings > Users and Roles

  2. Under the API User Token section, generate “OAuth Bearer Token” for using the v7 API

  3. The “Verification Required” window opens, asking for MFA token

  4. Find the ThousandEyes email with the title of “Validation Code to…” 

  5. Copy the token from the email and paste it into the Verification windows 

  6. A new token is generated and displayed

  7. Keep the token secure, and use it for the ThousandEyes API 

  8. Once the token window is closed, the token code cannot be retrieved

Subscribe to Product Innovations

  • All Product Innovations
  • Cloud Insights
  • Connected Devices
  • Endpoint Experience
  • Internet Insights
  • Network and Application Synthetics
  • WAN Insights

Upgrade your browser to view our website properly.

Please download the latest version of Chrome, Firefox or Microsoft Edge.

More detail