Why use an authorization token client over local accounts?

I’m using SpecklePy for automations, and I usually authenticate with get_default_account(), which seems like the easiest way to go. However, in this discussion, it was mentioned that using an authorization token client instead of local accounts might be preferable.

To me, using the default account feels simpler since it skips the step of generating a token for each task. But I’d love to understand the advantages of using tokens instead—especially for scenarios where accounts might be frequently removed or re-added, or for the cases where an automation wants to be shared along the rest of my team.

Are there specific benefits, such as better security, portability, or flexibility? Would appreciate any insights!

Tokens are more secure as they have more granular permissions, whilst using your local account anything is permitted. Also tokens can be revoked easily from our web interface.

Ultimately it highly depends on how you’re deploying your application and/if you’re expecting others to consume it. For example, if other users will be using it, then an App registration that signs-in on behalf of the user would be better…

3 Likes

Got it! Thanks again for the quick response! Really appreciate the insight and all the suport :smiling_face_with_three_hearts:

1 Like