Skip to main content

API Tokens

API tokens authenticate your CLI with the cloud dashboard for telemetry reporting.

Creating a Token

  1. Go to app.dotsetlabs.com
  2. Open your project
  3. Click the API Tokens tab
  4. Click New Token
  5. Name your token (e.g., “CI Pipeline”, “Local Dev”)
  6. Copy the token immediately — it won’t be shown again
Store tokens securely. Treat them like passwords.

Token Format

Tokens follow this format: 
dss_<random-48-chars>
Example: dss_a1b2c3d4e5f6...

Using Tokens

dotset link <project-id> --token dss_xxxxx
This saves the token to .dotset/project.json (add to .gitignore).

In CI/CD

Set as an environment variable: 
# GitHub Actions
env:
  DOTSET_TOKEN: ${{ secrets.DOTSET_TOKEN }}

steps:
  - run: dotset link ${{ vars.PROJECT_ID }} --token $DOTSET_TOKEN
  - run: dotset run --mode redact -- npm test

Token Limits by Plan

PlanTokens per Project
Free1
Pro5
BusinessUnlimited

Revoking Tokens

  1. Go to your project’s API Tokens tab
  2. Click the trash icon next to the token
  3. Confirm deletion
Revoked tokens stop working immediately.

Security Best Practices

  • Use different tokens for dev and CI
  • Rotate tokens periodically
  • Never commit tokens to git
  • Use environment variables in CI