Get a Coveo access token
Get a Coveo access token
Whenever you log in to the Coveo Platform, a session begins, and the platform automatically generates an access token. Both are linked to the identity with which you’re authenticated in the Coveo Platform.
If your identity has access to a Coveo organization, you can use this token to authenticate calls to any of the Coveo REST API operations for which your identity has the required privileges in this organization.
To get your Coveo access token:
-
In your web browser, open the developer tools.
-
In your web browser’s developer tools, locate and inspect the
https://platform.cloud.coveo.com
item in the local storage. This can typically be found in the Storage or Application tab.In this item, the
coveo-access-token
key includes the following information:-
Your Coveo access token
-
Access token expiration
A Coveo Platform session and its associated access token are valid for up to four hours.
If you end your session by logging out of the Coveo Platform, your access token expires immediately.
If you close the browser window without logging out of the Coveo Platform, your session remains active. It automatically ends four hours after your initial login, and your access token expires when your session ends.
If the Coveo Platform is open and idle in a browser window, a timeout is triggered after four hours. This timeout ends your session, and your access token expires when your session ends. You can also request a shorter timeout period.
When the timeout is triggered, a Session expiration dialog appears in the browser window.

This dialog displays a 5-minute countdown, after which you’ll be automatically logged out of the Coveo Platform. You can interact with the dialog to log out immediately or click Stay logged in to begin a new session and generate a new access token.
Request a shorter timeout
For increased security, Coveo organizations can request a shorter timeout period, such as one hour. However, a timeout is only triggered when the Coveo Platform is open and idle in a browser window.
If you close the browser window without logging out of the Coveo Platform, even if your organization has requested a shorter timeout period, your access token expires four hours after your initial login.
|
If you access the Coveo Platform multiple times while your session remains active, the countdown to trigger the timeout will begin again any time the platform is left open and idle in a browser window. |
Contact Coveo Support to make this request. You must include the organization IDs for which the change is requested.
Examples
The following examples assume that your Coveo organization has requested a timeout period of one hour.
-
You log in to the Coveo Platform.
You leave the Coveo Platform open and idle in a browser window.
A timeout is triggered after one hour. Your session ends and your access token expires.
-
You log in to the Coveo Platform.
You close the browser window without logging out of the Coveo Platform.
No timeout is triggered, and your access token expires after four hours.
-
You log in to the Coveo Platform.
You close the browser window without logging out of the Coveo Platform.
You access the Coveo Platform again 90 minutes later, while your session is still active and your access token is still valid. You leave the Coveo Platform open and idle in a browser window.
A timeout is triggered after one hour. Your session ends and your access token expires.