API access to data is controlled at several levels. First, data can only be obtained from a vault for which API access has been enabled by the CDD Support team. To enable the API for your vault, the vault administrator should email CDD Support.
Next, a token must be obtained. Tokens are issued at the user/account level. User-generated tokens are created with a specific role or set of capabilities; the actual capabilities depend on the token owner’s role relative to the vault(s) being accessed.
Tokens should be safeguarded at the same level as other authentication information such as passwords. Like passwords, tokens cannot be retrieved from the web application. If you lose your token, you must delete the old one and create a new one.
Every API request must include the "X-CDD-Token" HTTP header. Its value is an API token, which you can obtain on the API Key management page under Settings > User > API Keys.
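The header requirement and the safeguarding advice above, combined in an added example (not CDD's own code): the token is read from an environment variable, attached only to HTTPS requests, and masked before headers are logged. The variable name `CDD_API_TOKEN`, the helper names and the placeholder URL are assumptions.

```python
import os
import urllib.request
from urllib.parse import urlsplit

TOKEN_HEADER = "X-CDD-Token"  # header name given on this page
TOKEN_ENV = "CDD_API_TOKEN"   # assumed variable name, not defined by CDD


def load_token(env=os.environ):
    """Read the token from the environment so it never lives in source control."""
    token = env.get(TOKEN_ENV, "").strip()
    if not token:
        raise RuntimeError(f"{TOKEN_ENV} is not set")
    return token


def build_request(url, token):
    """Attach the token header; refuse any URL that would send it in cleartext."""
    if urlsplit(url).scheme != "https":
        raise ValueError("refusing to send an API token over a non-HTTPS URL")
    if any(c in token for c in "\r\n"):
        raise ValueError("token contains line breaks")
    req = urllib.request.Request(url, method="GET")
    req.add_header(TOKEN_HEADER, token)
    return req


def loggable_headers(req):
    """Copy of the request headers that is safe to write to logs."""
    # urllib stores header names capitalized, so compare case-insensitively.
    return {
        name: "<redacted>" if name.lower() == TOKEN_HEADER.lower() else value
        for name, value in req.header_items()
    }


if __name__ == "__main__":
    # Constructed values; the URL is a placeholder, not a real CDD endpoint.
    demo = build_request("https://vault.example.invalid/api", "constructed-token-123")
    print(loggable_headers(demo))
```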
See also this YouTube video on this topic: