RT-Authen-Token - token-based authentication

    This module adds the ability for users to generate and login with
    authentication tokens. Users with the ManageAuthTokens permission will
    see a new "Auth Tokens" menu item under "Logged in as ____" -> Settings.
    On that page they will be able to generate new tokens and modify or
    revoke existing tokens.

    Once you have an authentication token, you may use it in place of a
    password to log into RT. (Additionally, RT::Extension::REST2 allows for
    using auth tokens with the Authorization: token HTTP header.) One common
    use case is to use an authentication token as an application-specific
    password, so that you may revoke that application's access without
    disturbing other applications. You also need not change your password,
    since the application never received it.

    If you have the AdminUsers permission, along with ManageAuthTokens, you
    may generate, modify, and revoke tokens for other users as well by
    visiting Admin -> Users -> Select -> (user) -> Auth Tokens.

    Authentication tokens are stored securely (hashed and salted) in the
    database just like passwords, and so cannot be recovered after they are

    RT-Authen-Token requires version RT 4.2.5 or later.

    perl Makefile.PL
    make install
        This step may require root permissions.

    make initdb
        Only run this the first time you install this module.

        If you run this twice, you will end up with duplicate data in your

        If you are upgrading this module, check for upgrading instructions
        in case changes need to be made to your database.

    Edit your /opt/rt4/etc/
        Add this line:

            Plugin( "RT::Authen::Token" );

    Update your Apache configuration
        If you are running RT under Apache, add the following directive to
        your RT Apache configuration to allow RT to access the Authorization

            SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

    Restart your webserver

    If you have a mix of local and external authentication you can disable
    requiring a password to create tokens with the following line in :

        Set($DisablePasswordForAuthToken, 1);

    Best Practical Solutions, LLC <>

    All bugs should be reported via email to


    or via the web at


    This extension is Copyright (C) 2017-2020 Best Practical Solutions, LLC.

    This is free software, licensed under:

      The GNU General Public License, Version 2, June 1991