Access Tokens (CQAT)

BrowserStack Code Quality Access Tokens (CQAT) are personal credentials that allow your applications and CI/CD pipelines to authenticate and interact with BrowserStack Code Quality APIs securely.

1. Generating a Personal Access Token

Follow these steps to create a secure token for your integration.

1. Navigate: On the left navigation bar, click Admin > Access Tokens.
2. Initialize: Click Generate New Token.
3. Identify: Provide a Name for the token (e.g., Jenkins-Build-Server or GitHub-Actions-Scanner).
4. Authorize: Select the specific Permissions required for the token's intended use.
5. Finalize: Click Generate Token.

CAUTION

Copy your token immediately. For security reasons, BrowserStack Code Quality will only display this token once. If you close the window or refresh the page, you will lose access to the token and must generate a new one.

2. Revoking a Token

Revoke a token immediately if it is compromised or no longer required for your workflow.

1. Go to the Access Tokens page (Admin > Access Tokens).
2. Find the specific token you wish to deactivate.
3. Click Revoke Token.
4. Review the warning message in the popup and click Delete Permanently to confirm.

3. API Integration

Once you have your token, you can use it to authorize requests to the BrowserStack Code Quality REST API.

Example Authentication Header:

Authorization: Bearer <YOUR_CQAT_TOKEN>

Common Use Cases

CI/CD Pipeline Integration
Use tokens in GitHub Actions, Jenkins, GitLab CI and other CI/CD tools:

env:
  EMBOLD_TOKEN: ${{ secrets.EMBOLD_TOKEN }}

CLI Scanner Authentication
Authenticate the command-line scanner for remote analysis:

embold-scanner analyse -t $EMBOLD_TOKEN -r <REPO_UID>

Repository Configuration
Download repository configuration files via API:

curl --header "Authorization: Bearer <TOKEN>" \
  https://{{EMBOLD_SERVER_URL}}/api/v1/repositories/{REPO_UID}/scans/config/download

Technical Reference: To explore all available API endpoints and schemas, visit your local documentation portal: 👉 Embold Docs Portal

Related Documentation

Authentication & Access Control

• User Roles & Permissions - RBAC system overview and configuration
• SAML SSO Integration - Enterprise identity provider setup
• SSO Configuration - Single sign-on implementation guide
• Token Permissions - Required permissions for integrations

Integration Usage

• CI/CD Integration - Use tokens in GitHub Actions, Jenkins, GitLab CI
• CLI Scanner - Command-line authentication and usage
• GitHub Actions - Native plugin configuration
• GitLab CI - GitLab CI/CD setup with tokens

Repository Management

• ️ Projects & Repositories - Create projects and find Repository UID
• ️ Repository Settings - Download configuration files with API
• ️ Quality Gates - Configure automated quality enforcement

Development Workflows

• Analysis & Scanning - Code analysis workflows using tokens
• Gated Commits - API integration for code quality gates
• Commit Workflows - Automated quality checks in Git workflows

Security Best Practices

• Platform Security - Security architecture and best practices
• Deployment Security - Production deployment security
• Environment Variables - Secure configuration management