Duplo supports two kinds of API tokens, temporary API tokens and permanent API tokens. For normal use cases, we recommend using a temporary API token. For CI/CD or other DevOps automation, a permanent API token is warranted.
Permanent API tokens will expire after one year.
Temporary API tokens
Every time a user logs in to Duplo, a temporary API token is created for that user that only lasts for the duration of their session.
Getting a Temporary API token
Any user can retrieve their own temporary API token from Duplo. Navigate to the User -> Profile page. Click the copy icon
in the Temporary API Token pane
Permanent API tokens
Only administrators can create permanent API tokens. Permanent tokens are always associated with a specific Duplo user.
Note: Permanent API tokens will expire after one year.
Creating a permanent API token
Navigate to the Administrator -> Users page. Click the username in the list, to go to a specific user's page. Click the Tokens tab.
Click the blue + Add button. Give your token a memorable name and click Create.
Click the Copy button to copy your token to the clipboard. Save it somewhere safe, you will not be able to retrieve it from Duplo later.
Caution: Always save your token somewhere safe. You will not be able to retrieve it again from Duplo after you have created it. However, if you lose your token, you can always create a new one.