Account tokens

An account token (prefix nf_at_) is the credential that authenticates every Notiflows developer surface — the CLI, the MCP server, the agent toolkit, and the Management API. Create one in the dashboard, use it, and rotate it safely.

Account tokens are not the Admin API or User API credential. Those server-to-server and client APIs authenticate with the x-notiflows-api-key header plus a secret key or user key; see the API reference. Account tokens authenticate only the developer and AI surfaces, all of which go through the Management API.

Create one

Tokens are created in the dashboard, alongside Profile, Billing, and Team in your account settings.

  1. Open Account tokens at https://app.notiflows.com/account-tokens.
  2. Click New token and give it a descriptive name (e.g. CI/CD Pipeline, claude-mcp, github-ci).
  3. Copy the secret immediately — it is shown once and cannot be retrieved again.

The secret is displayed exactly once, at creation. If you lose it you cannot view it again: delete the token and create a new one. Store it in a secret manager or environment variable right away, and never paste it into a ticket, chat message, or commit.

Scope

Account tokens are account-scoped: a single token can access every project in the account. There are no per-project tokens and no fine-grained scopes today — a token is broad, with full read/write access to everything the account owns.

You select the target project per request rather than per token:

  • CLI — the --project flag, the NOTIFLOWS_PROJECT env var, or the project field in notiflows.json.
  • MCP server — the project argument on each tool call (call list_projects to discover slugs).
  • Management API — the project slug in the path (/projects/{project_slug}/…).

Lifecycle

Account tokens do not expire. From the dashboard you can:

  • Rename a token.
  • See its last-used time.
  • Delete (revoke) a token.

There is no in-place rotation. To rotate, create the new token first, move every consumer (CI secrets, MCP config, toolkit environment) over to it, confirm in the dashboard that the old token's last-used time has stopped advancing, then delete the old one. If a token ever leaks, skip the overlap: revoke it immediately and issue a replacement.

Where it's used

The same token authorizes every developer surface — only the mechanism differs:

# CLI — login stores the token at ~/.config/notiflows/credentials.json
notiflows login --token nf_at_xxx

# or non-interactively via env var / flag
export NOTIFLOWS_TOKEN=nf_at_xxx
notiflows whoami --token nf_at_xxx

# MCP server — sent as an Authorization: Bearer header to the hosted endpoint
claude mcp add notiflows -- npx -y mcp-remote https://api.notiflows.com/mcp \
  --header "Authorization: Bearer nf_at_xxx"

// Agent toolkit — the accountToken option
import { createNotiflowsToolkit } from "@notiflows/agent-toolkit";

const toolkit = createNotiflowsToolkit({
  accountToken: process.env.NOTIFLOWS_TOKEN!, // nf_at_...
  project: "acme",
});

# Management API — Authorization: Bearer
curl https://api.notiflows.com/management/v1/whoami \
  -H "Authorization: Bearer nf_at_xxx"

Auditability

Actions taken with a token are attributed to it by name:

  • Notiflow runs in the dashboard show "Triggered by <token name>".
  • Notiflow version history records the token as the creator of a change.

Name tokens after the system that uses them (e.g. github-ci, claude-mcp) so the audit trail reads clearly.

Security

Treat an account token as a secret with full account write access:

  • Store it in a secret manager or environment variable; never commit it to a repository.
  • Scope it to one system and name it accordingly so a leak is easy to attribute and revoke.
  • Revoke immediately on any suspected leak, then issue a replacement.

The MCP server exposes no destructive (delete/archive) tools, but the token still carries full write access through the raw Management API. Guard it as a privileged credential regardless of which surface uses it.
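As an added example (not part of the Notiflows docs or CLI), the following POSIX shell script is a pre-commit guard that refuses to commit anything matching the documented nf_at_ prefix. The page specifies only the prefix, so the token body pattern (letters, digits, underscore or hyphen, at least eight characters) is an assumption; the placeholder nf_at_xxx used in the snippets above is too short to match, so documentation examples are not flagged. Findings are printed with the secret redacted to its prefix and last four characters, enough to identify which token to revoke in the dashboard without copying the secret into the terminal log.

```shell
#!/bin/sh
# Added example, not part of the Notiflows CLI or docs: a pre-commit guard that
# blocks commits containing an account token. It keys on the documented nf_at_
# prefix; the token body pattern ([A-Za-z0-9_-], at least 8 chars) is an
# ASSUMPTION, since the page specifies only the prefix. The docs placeholder
# nf_at_xxx is too short to match, so example snippets are not flagged.
TOKEN_RE='nf_at_[A-Za-z0-9_-]\{8,\}'

# redact TOKEN: keep the prefix and the last four characters, enough to match
# the hit against the dashboard token list without re-exposing the secret.
redact() {
    tok=$1
    printf 'nf_at_...%s' "${tok#"${tok%????}"}"
}

# scan_for_account_tokens FILE: print "FILE:LINE: nf_at_...xxxx" for each hit.
# Returns 1 if at least one token was found, 0 otherwise.
scan_for_account_tokens() {
    file=$1
    found=0
    # grep -n -o yields one "LINE:MATCH" per match; the heredoc (not a pipe)
    # keeps the loop in the current shell so $found survives it.
    while IFS=: read -r lineno match; do
        [ -z "$match" ] && continue
        printf '%s:%s: %s\n' "$file" "$lineno" "$(redact "$match")"
        found=1
    done <<EOF
$(grep -n -o "$TOKEN_RE" "$file" 2>/dev/null || true)
EOF
    return "$found"
}

# precommit_main: scan every staged file and fail the commit on any hit.
precommit_main() {
    status=0
    for f in $(git diff --cached --name-only --diff-filter=ACM); do
        [ -f "$f" ] || continue
        scan_for_account_tokens "$f" || status=1
    done
    if [ "$status" -ne 0 ]; then
        echo "commit blocked: Notiflows account token in staged changes." >&2
        echo "Treat it as leaked: revoke it in the dashboard, then load it from a secret manager or env var." >&2
    fi
    return "$status"
}

# Run the hook only when invoked as `sh scan-tokens.sh --hook` (for example
# from .git/hooks/pre-commit); sourcing the file just defines the functions.
case "${1:-}" in
    --hook) precommit_main ;;
esac
```

Install it by having .git/hooks/pre-commit run `sh path/to/scan-tokens.sh --hook`; a hit exits non-zero and git aborts the commit. Because the check only sees staged content, a token that was already committed earlier is not caught by this hook: treat that token as leaked and revoke it, as the list above says, rather than relying on a history rewrite.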