Manage Authentication Tokens

April 3, 2026

Personal API Tokens can be used to perform operations on Jahia Cloud. Tokens are attached to your user and valid for a configurable number of days (90 by default).

Create a token

Log into the Jahia Cloud UI with your browser, then open the following URL in a new tab:

<CLOUD_URL>/home.generateToken.do?jcrReturnContentType=json

The query parameter jcrReturnContentType=json is required so the action returns a JSON response.

Only one Personal API Token can exist per user. Calling this endpoint again (or refreshing the page) will delete the previous token and issue a new one.

Parameters

  • duration: Validity period of the token, in days. Defaults to 90.

Example

Generate a token valid for 30 days:

<CLOUD_URL>/home.generateToken.do?jcrReturnContentType=json&duration=30

Response:

{
  "token": "PRIVATE_TOKEN",
  "expirationDate": "2026-01-22T14:59:11.331Z"
}

Use the token

Set the token in the Authorization header of every request:

curl -i "${CLOUD_URL}/modules/cloudAction/createJahiaEnv.do" \
  -X POST \
  -H "Authorization: APIToken ${CLOUD_PAT}" \
  -H "Accept: application/json" \
  -H "Content-Type: application/x-www-form-urlencoded; charset=UTF-8" \
  -d "envName=my-env&shortDomain=my-env-jahiacloud&productVersion=8.2.3.0&rootPassword=VerySecuredPassword987&subscriptionItemId=122&regionId=aws&bandId=1"

Delete a token

Open the following URL while logged into the Jahia Cloud UI:

<CLOUD_URL>/home.deleteCurrentUserToken.do?jcrReturnContentType=json

Because only one token can exist per user, no token ID is needed.

Responses

ScenarioResponse
Token deleted{"result":"Token deleted"}
No token found{"result":"No token found to delete"}