API tokens

API tokens are developer keys used to access your account's information for integrations.

API tokens are not available to users on Basic subscription plans.

An API token grants access to your account's information. Treat your API token like an app password: only select the level of access that you need, and do not give an API token to anybody you do not trust.

Creating an API token

To create an API token:

  1. Log in to the Fastmail web interface and go to the Settings → Privacy & Security screen.
  2. Find the Connected apps & API tokens section. Click Manage API tokens.
  3. Click New API token.
    • A Verify it's you box may appear. Enter your password and click Continue. (For more information, see our Password-protected actions help page.)
  4. Enter a name to identify this API token. (Make sure it's something you will be able to read and understand in the future, in case you need to review or revoke access.)
  5. Select whether your API token should have read-only access, and the level of access your API token is granted.
  6. Click Generate API token.

The next page will display your new API token. Copy and paste the token into a safe place before you click the Done button in your Fastmail settings, as you will not be able to see it again.

Reviewing and removing API tokens

You can review an API token's access details at any time, which include the following:

  • What the API token has access to
  • The date and time access was first given
  • The date and time of most recent access

To review an API token's access details:

  1. Log in to the Fastmail web interface and go to the Settings → Privacy & Security screen.
  2. Find the Connected apps & API tokens section. Click Manage API tokens.
  3. Find the API token and click Review access

You can remove an API token at any time if you no longer use or trust an app, or if you lose your device.

To remove an API token:

  1. Log in to the Fastmail web interface and go to the Settings → Privacy & Security screen.
  2. Find the Connected apps & API tokens section. Click Manage API tokens.
  3. Find the API token and click Review access
  4. Click Remove access.
  5. Click OK if you are sure you want to continue, as this action cannot be undone.
    • A Verify it's you box may appear. Enter your password and click Continue. (For more information, see our Password-protected actions help page.)
  6. You will return to the API tokens screen, where you can confirm that the API token has been removed.

Where can I learn more about using API tokens?

If you're interested in learning more about writing integrations with Fastmail, a great place to start is reading our developer documentation.

API token integrations

Was this article helpful?
7 out of 14 found this helpful