API Access Tokens
An API Access Token is required in order to authenticate the Calibre Command Line tool with your team’s account. API tokens carry many privileges, so be sure to keep all of them secret.
Tokens can be managed by visiting the API Tokens page, which can be found under the team dropdown. Only admins can generate tokens.
You can set the expiry on a token by selecting an option from the "Expires in" field. When a client makes a request with an expired token it will be forbidden.
The Refresh Token API allows you to refresh a token before it expires. A successful call to this endpoint will refresh the token for the same period that was set when the token was created.
You can refresh a token by making a POST request to
https://calibreapp.com/api/refresh_token with the following headers:
Allowed IP Addresses
You can choose to only allow specific IP addresses to use an API token by adding an IP address or range to the "Allowed IP Addresses" field. Leave this field blank to allow requests from all IP addresses.