Permissions For Cincopa API Token
Cincopa API Tokens are used to authenticate and authorize access to the Cincopa API. They enable applications or integrations to interact programmatically with your Cincopa assets, galleries, and other modules.
When generating an API token in your Cincopa account settings, you can define specific permissions to control the level of access granted. These permissions determine which actions the token can perform—such as reading, uploading, editing, or deleting data.
Assigning permissions carefully ensures that each integration or service only has the access it truly needs, keeping your account secure and well-controlled.
Permissions Types
Each Cincopa API Token can be assigned one or more permission types depending on its intended use. Below are the available permissions and their purposes:
| Permission Type | Description |
|---|---|
| All Permission | This grants all available permissions, including read, write, delete and upload capabilities. This is often required for comprehensive integrations like certain plugins or third-party applications. |
| Read Data | This permission grants the ability to retrieve information about your assets and galleries, but prevents any modifications or deletions. This is suitable for scenarios where data exposure needs to be limited, such as in client-side applications. |
| Write Data | This permission allows the token to create, update, and manage your assets and galleries. This is typically used in server-to-server integrations where the token is not exposed publicly. |
| Delete Data | This permission grants the ability to remove assets and galleries. This permission should be granted with caution due to its destructive nature. |
| Upload Data | This permission specifically grants the ability to upload new assets (like images, videos, audios or documents) into your Cincopa account or galleries. This is essential for integrations or applications that need to programmatically add new content to your Cincopa library. |
| Get Temp | Allows generation of temporary tokens used for short-term access or specific session-based actions. This is typically used in advanced integrations or automated workflows that require temporary authentication. |
Modules and Their Permissions
Asset
Handles video and media assets stored in your Cincopa account.
Full permission allows reading, uploading, updating, and deleting assets.
Common use: Integrations that need to upload or sync videos automatically.
Gallery
Manages galleries and playlists.
Full permission lets you create, modify, and delete galleries.
Useful for embedding or organizing video collections dynamically.
Portal
Controls access to Cincopa portals (user-facing collections).
Full permission provides access to manage portal configurations and assets.
Often used when syncing or customizing embedded portals.
Webhook
Handles automated event notifications from Cincopa.
- Full permission allows creating or managing webhook endpoints to receive updates (e.g., when an upload completes or analytics data changes).
Live
Covers live streaming events.
- Full permission enables creating, modifying, or deleting live stream sessions and fetching live data.
Token
Manages API tokens themselves.
Full permission lets you create, refresh, or revoke tokens.
Includes the Get Temp action, which generates temporary access tokens for short-term