Workspace preferences
Each workspace in Alpacon has unique security and configuration policies, and accordingly, personal setting items may vary by workspace.
In this page, you can configure personal settings that match the policies of the respective workspace.
API token management
This is a feature for issuing and managing API tokens.
Tokens allow access to Alpacon API without authentication, so never share them externally.
Token list
- You can check name, validity period, and last update.
- You can activate or deactivate tokens through the toggle button on the right.
- If no expiration date is set, it is displayed as "unlimited".
Token creation
- Click the Add button.
- Set the token's name and validity period, then create the token.
- The generated token can only be confirmed on that screen, and cannot be retrieved again after leaving the page.
→ Be sure to copy and store it in a safe location.
Token management
- Click the
⋮button on the right side of the token card to display the management menu.
| Function | Description |
|---|---|
| Update token | You can modify the token's name and expiration date. |
| Delete token | Deletes the corresponding token. |
| Command ACL | A security setting that can restrict commands executable with the token. |
Command ACL (Command access control)
Command ACL is a function that controls commands executable with the corresponding API token.
- If no commands are registered: All commands are executable
- If at least one command is registered: Only registered commands are executable
⚠️ It is recommended to set Command ACL for security enhancement.
| Function | Description |
|---|---|
| View commands | You can check the list of currently registered commands. |
| Add command | Enter a command and click the Add new command button. |
| Delete command | You can delete from the existing command list. |
Personal
You can configure personal setting items that vary according to workspace policies.
Session and authentication settings
| Setting | Description |
|---|---|
| Websh session timeout | Unused Websh sessions are automatically terminated after the set time. Longer session retention times may increase billing costs, and the configurable range varies according to workspace policies. |
| MFA timeout | After completing MFA (multi-factor authentication) once, you can perform sensitive operations without additional authentication for the set time. The range of valid time varies according to the workspace's security policy. |
Leave workspace
- Click the Leave workspace button to withdraw from the corresponding workspace.
- ⚠️ After withdrawal, system logs are preserved, but server accounts and personal files are all deleted. Be sure to backup important data in your home directory before withdrawal.