How to Create a Span API Token

Last updated: April 28, 2026

Span supports two types of API tokens depending on your use case: Personal Access Tokens and Service Account Tokens.

Option 1: Personal Access Token

A personal access token is tied to your user account and inherits your individual permissions. This is best for personal scripts or quick one-off integrations.

Steps:

  1. Go to Settings → Personal → Access Token

  2. Click Generate to create a new token

  3. Copy and securely store the token — you won't be able to view it again

Option 2: Service Account Token (Recommended for Automation)

Service accounts are non-human (bot) users designed for integrations, automation, and shared tooling. They authenticate via bearer tokens and keep credentials decoupled from any individual person.

Steps:

  1. Go to Settings → Service Accounts

  2. Click Create Service Account and give it a descriptive name (e.g., ci-botmetrics-ingest)

  3. Once created, generate a token from the service account's detail page

  4. Copy and securely store the token — it won't be shown again

To grant the service account access to resources:

  • Go to Settings → Permissions

  • Select the appropriate permission group

  • Add the service account to that group

Using Your Token

Include the token as a Bearer token in the Authorization header of your API requests:

Authorization: Bearer <your-token>

Full API documentation is available at api.span.app/docs-next.

Best Practices

  • Prefer service accounts over personal access tokens for shared tools and automation

  • Use descriptive names for service accounts so their purpose is clear

  • Rotate tokens regularly and revoke any that are no longer needed

  • Grant the minimum required permissions for each service account