Create and Manage Filer and User API Tokens

Introduction to API Tokens

Application Programming Interface (API) tokens are a security requirement for use of EDGAR Next APIs.

As explained below, there are two different API tokens: the filer API token and the user API token.

For information about EDGAR Next APIs, and additional information about filer API tokens and user API tokens, refer to How Do I Understand EDGAR Application Programming Interfaces (APIs), Overview of EDGAR APIs, and the API Development Toolkit.

Create a Filer API Token

A filer must present a filer API token to connect to APIs.

• A filer API token is valid for one year from date of creation.
• Filer API tokens must be created by a filer’s technical administrator.
• Each filer must have at least two technical administrators to connect to APIs.
• A filer’s technical administrators are responsible for managing the filer’s connections to APIs.
• Technical administrators may generate an unlimited number of filer API tokens on the dashboard.
• Multiple different filer API tokens can be used by the filer at any given time, and filer API tokens may overlap in duration.

Exception for use of delegated entity filer API tokens: A filer may choose to use the filer API token and API connections of its delegated entity (so long as the filer’s delegated entity has authorized at least two technical administrators and complied with all other requirements of APIs).

• While the filer may use the filer API token of its delegated entity, the filer’s account administrator or user must present that individual’s own user API token (generated on the dashboard) to use the API (if the relevant API requires a user API token).

A technical administrator may create a filer API token by following these steps:

1. Log into the EDGAR Filer Management website using your Login.gov individual account credentials.
2. Select My Accounts on the dashboard.
   • If the My Accounts accordion is greyed out and inaccessible, then you have not been authorized for any filer account. You must be authorized for at least one filer account to view the My Accounts accordion.
   • Always ensure that you have selected the number of Items per page (at bottom-right of the table) that will enable you to see the full scope of options available. Select the relevant filer.
3. Select Manage Filer API Token.
4. If the Manage Filer API Token is greyed out and inaccessible then you have not been authorized as a technical administrator and therefore cannot create the filer API Token.
5. Select Create New Filer API Token.
6. If you wish, you may name the filer API token for your reference. This step is optional.
7. Select Create.
   • If the filer does not have at least two technical administrators you will receive an error message directing you to add a technical administrator before a filer API token can be created.
8. Copy and/or download the filer API token.
   • If you copy the filer API token, a pop-up message appears indicating Success! Filer API Token copied to your clipboard.
   • If you download the filer API token, a pop-up of the downloaded file appears.

9. Select Done.

   • A pop-up success message appears.
   • A filer API token is generated, active, and displays the expiration date in the filer API token table located on the filer dashboard.
   • You will receive an email verification at the address provided to create your Login.gov credentials for EDGAR.

Inactivate a Filer API Token

A filer’s technical administrator can inactivate a filer API token at any time. Once inactivated, no one will be able to use the token.

1. Follow steps 1 through 4 under Create a Filer API Token above.
2. Select the ellipsis next to the relevant token under the Actions column, select Inactivate, then choose Yes, Inactivate.
   • A pop-up success message appears.
   • You will receive an email verification at the address provided to create your Login.gov credentials for EDGAR.
   • The status of the token will appear as Inactive on the dashboard.

Create a User API Token

Each account administrator or user must present that individual’s own user API token to certain APIs as described below.

• An account administrator or user must present that individual’s user API token to the EDGAR Submission API and any EDGAR Filer Management API.
• A user API token is not required for the EDGAR Submission Status API or the EDGAR Operational Status API.
• User API tokens are valid for 30 days from date of creation.
• An account administrator or user may generate a user API token.
• A technical administrator cannot generate a user API token (unless the technical administrator is also a user or account administrator).
• Each individual may only have one active user API token at any given time.
  • Filers may avoid filing deadline concerns raised by the expiration of user API tokens by ensuring that multiple users and/or account administrators have user API tokens that expire on different dates.

An account administrator or user may create a user API token by following these steps:

1. Log into the EDGAR Filer Management website using your Login.gov individual account credentials.
2. Select My User API Token.
3. If this is the first time you are creating a user API token, a notice will appear indicating that you have not created a user API Token.
4. Select Create User API Token.
5. Read and review the user API token message, then select Create User API Token.
   • You can copy and/or download your newly created user API token.
   • If you copy the user API token, a pop-up message appears indicating Success! User API Token copied to your clipboard.
   • If you download the user API token, a pop-up of the downloaded file appears.

Create New User API Token option will display after you have created the initial user API token.)

To inactivate a user API token, simply create a new user API token. When an individual creates a new user API token, the individual’s prior user API token is automatically inactivated by EDGAR.