Was this page helpful?

App Identity

App identities allow apps to interact with the Contentful as an independent entity, similar to a user. This means that instead of only being able to take actions when a user is running the app inside of Contentful, the app can perform actions at any time, and the changes made by the app are attributed to the app itself. This allows apps to respond to events from other services, or to take actions on a schedule.

App identities are enabled by using app access tokens. App access tokens are used to authenticate against the Content Management API (CMA), allowing backends to make requests to it. They are only valid for short time period (10 minutes) and can be requested using app keys associated with an AppDefinition. App identities can perform all actions on the following entity types:

  • Asset
  • ContentType
  • EditorInterface
  • Entry
  • Locale
  • Release
  • ReleaseAction
  • ScheduledAction
  • Snapshot (only on master environment)
  • Tag
  • Task
  • The app's own AppInstallation

An AppAccessToken conveys the identity of an app to the CMA. This means that any changes made using an app access token will be attributed to the app, which in turn allows users to see if an entity was recently modified by an app. The web app might do this by showing the app name in the Author field. The last update date and the author can also be seen in the API response, or on the Info tab of the web app sidebar when editing an entry.

You can find details about the structure of app access tokens in our CMA documentation. For a guide on how to use app access tokens in backend apps, read our page about using app identities and events.