API Access Tokens

An API Access Token is required in order to authenticate the Calibre Command Line tool with your team’s account. API tokens carry many privileges, so be sure to keep all of them secret.

Tokens can be managed by visiting the API Tokens page, which can be found under the team dropdown. Only admins can generate tokens.

Expiring Tokens

You can set the expiry on a token by selecting an option from the "Expires in" field. When a client makes a request with an expired token it will be forbidden.

Refresh Token

The Refresh Token API allows you to refresh a token before it expires. A successful call to this endpoint will refresh the token for the same period that was set when the token was created.

You can refresh a token by making a POST request to https://calibreapp.com/api/refresh_token with the following headers:

  • Authorization: Token YOUR_API_TOKEN

Allowed IP Addresses

You can choose to only allow specific IP addresses to use an API token by adding an IP address or range to the "Allowed IP Addresses" field. Leave this field blank to allow requests from all IP addresses.