What's the difference between Agent Tokens and API Tokens?

Indicate offers two kinds of access tokens. They look similar (both are credentials paired with an account) but serve very different purposes.

• Agent Tokens are for external tools that act on a person's or team's behalf, such as AI assistants like Claude, automation tools like n8n, and code editors like VS Code via MCP. The classic use case: you want to chat with your commpanies data with an AI like Claude.

• API Tokens are for using Indicate as a data infrastructure layer. They authenticate another software platform that reads from Indicate via the API, such as an internal product, or a customer-facing application. Indicate stores and governs your data, and your downstream systems read from it through API Tokens. They are an Enterprise feature.

If an integration is a tool acting on someone's behalf, you want an Agent Token. If it's a software platform reading Indicate as a data source, you want an API Token.

How do tokens relate to my accounts?

Both token types are paired with one account, either a Member User (a real person) or a Service User (a non-personal account for shared team or system access). The token inherits all access rights from that account.

• One account can have multiple tokens.

• One token belongs to exactly one account.

• Revoking a token does not affect the account.

• Deleting an account revokes all of its tokens.

Both token types can be paired with either account type. Member Users and Service Users are available on all plans. See → Team for the user model.

What are Agent Tokens?

Agent Tokens authenticate external tools like Claude, n8n, and VS Code that act on a person's or team's behalf, typically through MCP. They are available on the Core, Pro, and Enterprise plans, billed per seat by scope. See → Agent Tokens for scopes, how to create one, and how to revoke it.

What are API Tokens?

API Tokens authenticate another software platform that reads from Indicate via the API, such as BI tools, internal products, customer-facing applications, data warehouses, and ETL pipelines. They are an Enterprise feature. See the pricing page for plan details.

The typical setup: Indicate is your governed data layer, and your downstream platforms query metrics through API Tokens. This keeps definitions consistent across every consumer, instead of each platform re-implementing its own version of the same metric.

See → API Tokens for more.

Where do I manage tokens?

Both token types live under Settings → Tokens. The screen is labelled Access Tokens and has two tabs: Agent Tokens and API Tokens.

From either tab you can:

• Create a token: + New agent token on the Agent Tokens tab, or a new API Token on the API Tokens tab.

• See each token's Name, masked Token, Scope, Assigned to account, Status, last Activity, and Created date.

• Use the ⋮ menu on any token to Edit, Regenerate, Install in VS Code (Agent Tokens only), View mcp.json (Agent Tokens only), or Revoke.

• Filter by All, Active, Revoked, or Regenerated, or search by name.

**Permissions.** Only **Owners** and **Admins** can create, regenerate, or revoke tokens. All changes are recorded in the Audit Log under the `API Tokens` namespace.

Troubleshooting

I assigned a token to the wrong user or account.

Open the ⋮ menu on the token and choose Edit, select the correct account under Assigned user, and click Save changes. You can reassign a token at any time.

What is the difference between single-space and multi-space?

A single-space token works only in the space where you created it. A multi-space token works across every space the assigned account belongs to. See the pricing page for the price of each scope.

How do I delete a token?

Tokens are not deleted, they are revoked. Open the ⋮ menu on the token and choose Revoke. The token stops working immediately, but the account it was assigned to stays intact. See → Agent Tokens.

What are agent tokens?

Agent tokens are credentials that allow AI agents and external tools to authenticate with the Indicate API on behalf of a user or service account. You can use them to connect Indicate to any compatible application, such as Claude, LangChain, VS Code, n8n, or custom integrations.

• Each token is scoped to a single space or all spaces (multi-space), and assigned to a human user or a service account.

• Tokens can be regenerated at any time — the old token is immediately invalidated and a new one is displayed once.

Note:

• After creation, the token is displayed only once. Copy and store it securely — it cannot be retrieved again.

• Each agent token is billed as an additional seat (€19/mo). The first billing cycle is prorated from the creation date.

How to create an agent token

Navigate to Settings → Tokens → Agent Tokens and click + New agent token to open the creation dialog.

• Enter a TOKEN NAME (e.g. “Production API Key”).

• Optionally, select a user to assign the token to under ASSIGN TO USER. You can change this later.

• Choose an ACCESS SCOPE: Single-space (access to this space only) or Multi-space (access across all spaces).

• Toggle “I acknowledge the additional billing for this agent token seat” and click Create token.

• Copy the token immediately — it is displayed only once and cannot be retrieved again.

How to regenerate or revoke a token

To manage an existing token, hover over the token row in the Agent Tokens list and click the three-dot menu (⋮) on the right.

• Regenerate — generates a new token and immediately invalidates the old one. The new token is shown once.

• Revoke — permanently deactivates the token. Any integration using it will lose access immediately.

• Install in VS Code — opens VS Code with the token pre-configured for the Indicate MCP extension.

• View mcp.json — shows the MCP configuration JSON you can paste into Claude, n8n, LangChain, or any MCP-compatible tool.

Next steps

Once your token is created, you can assign it to a human user or a service account in Settings → Team → Service Accounts. Use the View mcp.json option or Install in VS Code shortcut to quickly connect your token to an external tool like Claude, n8n, LangChain, or any MCP-compatible application.

Up next

Service accounts → Create a service account → Delete a service account

Did we forget something? No worries! Just send us an email at [email protected]

Indicate API Access