API Tokens get removed from Client Masters or Managed Masters


Users report that their API Tokens defined at CM or MM level got removed or they are no longer valid.



By default, API Tokens are synchronized from Operations Center to the CMs and/or MMs. This means that if your users are defining their API Tokens at CM and/or MM level, they will be wiped out with the information stored at Operations Center level when the synchronization process happens.

There are two solutions for this.

  1. The first solution is to create the API Token at Operations Center level. CMs and MMs will get automatically updated once the configuration is saved in the Operations Center.
  2. At CM level, users could disable the Synchronize details on login. Users could achieve this in the user’s page at CM level.

Tested products/plugins version

The latest update of this article was tested with:

Have more questions?


  • 0
    Mark Kenneally

    Our solution is to block access to the users config page on the client masters and redirect users to their WhoAmI page on the Jenkins OC server using the Request Filtering plugin.

Please sign in to leave a comment.