Skip to main content
Pure Technical Services

How-To: Managing User API Tokens for the PowerShell SDK

Currently viewing public documentation. Please login to access the full scope of documentation.

This article applies to all versions of the PowerShell SDK. 

The PowerShell SDK uses the REST API to access and perform the various cmdlet operations against the Pure Storage FlashArray. The REST API uses an API Token authentication model. Individual users, whether added as part of the FlashArray Users or Directory Services, require an associated API Token for that particular user. The API Token is used to create a session between the client (Eg. Windows PowerShell console) and the FlashArray to perform actions.

The below screenshot shows that there is an API Token associated to pureuser and the Directory Services user mike.


When accessing the FlashArray with a Directory Service user account that does not have an API Token one will be automatically created. This only applies if the user account is a member of one of the three Directory Service groups (Array Admin, Storage Admin or Read Only group). When using a Directory Services user account to create a new session the format to use for login is USERNAME and PASSWORD. It is not necessary to use the common format of DOMAIN\USERNAME. Once directory services has been setup on the FlashArray the specific domain name will automatically be used

Creating a API Token for a User

To create an API token for a user, please refer to this document.