What is an API Token?
An API Token is a personal access credential that allows external tools (such as AI coding assistants, scripts, or integrations) to interact with your Instill workspace on your behalf.
API Tokens are used primarily to:
Connect AI assistants (Cursor, VS Code, Claude, Windsurf) to Instill via MCP
Automate workflows with the Instill API
Integrate Instill with other tools in your stack
How to create an API Token
Go to Settings > API Tokens.
Click Create Token.
Give the token a descriptive name (e.g., "Cursor MCP", "CI Pipeline").
Click Create.
Copy the token immediately — it won't be shown again.
Managing tokens
View all your active tokens under Settings > API Tokens.
Delete a token at any time to revoke access. Any tool using that token will lose access immediately.
Create multiple tokens for different tools or purposes.
Security best practices
Never share tokens publicly — Treat API tokens like passwords.
Use separate tokens for each tool — If one token is compromised, you can revoke it without affecting other integrations.
Delete unused tokens — Periodically review and remove tokens you no longer need.
Rotate tokens regularly — Delete old tokens and create new ones for long-running integrations.
Where are API Tokens used?
The most common use case is connecting your AI coding assistant to Instill via MCP. See the article Connecting your AI assistant to Instill for step-by-step setup instructions.