External connections and tokens
View and revoke the access granted to third-party applications connected to your Shyfter account via the API.
What external tokens are for
When you connect Shyfter to an external tool (payroll software, analytics tool, custom integration via the API), a secure access is created. This access lets the tool communicate with your account without sharing your password. The External tokens page gives you an overview of these accesses and lets you cut them off at any time.
Viewing active accesses
Go to Settings ⚙️ → General → External tokens. The list shows, for each access:
- Team / member: who or which integration the access is linked to.
- Contact: the contact associated with the access.
- Access: the rights level, read-only or read-write.
- Permissions: the precise capabilities allowed by the token (the accessible data scopes).
- Departments: the accounts or departments the access covers.
- Actions: the button to revoke the access.
Revoking an access
To cut off a third-party application's access, click Revoke on the relevant row. The application can no longer access your data from that moment.
Creating new accesses and configuring the API is done in Settings ⚙️ → Integrations (API extension). This page is used to view and revoke existing accesses.