Send a Bearer token on protected routes:
Authorization: Bearer pat_PROJECT_TOKEN
Project API Tokens
Project API Tokens are the public integration credential for project data API calls.
| Token | Prefix | Purpose |
|---|
| Project API Token | pat_ | Long-lived backend/server token for one project’s API calls. |
Project API Tokens have full database power inside their project. Store them like database passwords.
Creating and rotating tokens
The usual path is the ZangTable admin panel: log in at https://zangtable.com, open a project, and create a token from the project’s API Tokens area.
Server-side token-management endpoints also exist for trusted automation. Use them only from a backend that already has a project credential allowed to manage API tokens. Creating a new Project API Token currently revokes previous Project API Tokens for the same ZangTable account user inside that project.
Error behavior
- Missing Bearer token returns
401 missing_authorization.
- Expired, revoked, inactive, or unknown tokens return
401 invalid_token.
- Token creation through the API requires an existing project credential that is allowed to manage API tokens.
Token management endpoints