Skip to main content
Fleet (FleetDM) API keys allow you to interact directly with your Fleet instance — for example to run scripts, query device data, or integrate with other tools. You can create Fleet API keys directly from Primo or via the Fleet dashboard.

Generate a Fleet API key from Primo

  1. Go to Settings > Developers > Fleet API Keys.
  2. Click Create API key.
  3. Give the key a name and configure permissions.
  4. Click Create.
  5. Copy the token immediately — it will not be shown again.
Keep your Fleet API token secret and do not share it. It has the permissions you configured during creation.

Generate a Fleet API key from Fleet dashboard

  1. Open your Fleet dashboard (accessible from the Primo cockpit via Settings > MDM > Open Fleet).
  2. Click your avatar in the top-right corner and go to My account.
  3. Scroll to API token.
  4. Click Get API token.
  5. Copy the token — it is tied to your Fleet user account.
Your Fleet API token has the same permissions as your Fleet user account. Keep it secret and do not share it.

Generate a Fleet API key from CLI

You can also create Fleet API keys programmatically using the Fleet CLI: 
fleetctl login --email your-email@example.com --url https://<your-fleet-instance>
fleetctl get api-token
Or create an API key directly via the Fleet API: 
curl -X POST https://<your-fleet-instance>/api/v1/fleet/users/<user-id>/api_token \
  -H "Authorization: Bearer YOUR_EXISTING_TOKEN" \
  -H "Content-Type: application/json"

Use the Fleet API key

Pass the token in the Authorization header: 
curl https://<your-fleet-instance>/api/v1/fleet/hosts \
  -H "Authorization: Bearer YOUR_FLEET_API_TOKEN"

Regenerate or revoke a token

Fleet API tokens do not expire automatically. To revoke access, go to My account in Fleet and click Regenerate API token. This immediately invalidates the previous token.