Generating API Tokens

API tokens are used to authenticate Kintone REST API requests that are sent from external programs.
Specifying an API token for the "X-Cybozu-API-Token" header of a request authenticates the request and executes the API. You can also specify a comma-separated list of multiple API tokens.

Example of a request that uses an API token:
GET /k/v1/record.json?app=7&id=100 HTTP/1.1 Host: example.kintone.com:443 X-Cybozu-API-Token:cJrAD9Es62qm0Z3eE6uzQQmaDxM3q9jiDay1oysX

Example of looking up a customer name using multiple API tokens:
curl -X POST -H "X-Cybozu-API-Token: cJrAD9Es62qm0Z3eE6uzQQmaDxM3q9jiDay1oysX, 6oDAV8hCY6HTa1AC6EZbNe2dpc1t8QnWZrHOMgMb" "https://subdomain name.kintone.com/k/v1/record.json" -H "Content-Type: application/json" -d '{app: 20, record: {"Customer Name": {value: "kintone Research"}}}'

For details on the authentication that uses API tokens, see the following page:
Kintone REST API Overview (Kintone Developer Program)

How to Generate API Tokens

Open the app settings page.
Opening App Settings Page
Click the "App Settings" tab.
Under "Customization and Integration", click "API Token".
Click "Generate".
Select the check boxes of actions to be allowed for the generated API token.
Note
- Regardless of the following app settings, permission for API tokens is given priority.
  - Permissions for App
  - Permissions for Records
  - Permissions for Fields
Click "Save" on the upper left side of the screen.
Click "Update App" on the upper right side of the screen.