diff --git a/packages/plausible/index.tsx b/packages/plausible/index.tsx
index 6e17d9b..245a48a 100644
--- a/packages/plausible/index.tsx
+++ b/packages/plausible/index.tsx
@@ -4,15 +4,17 @@ import { RouteObject } from "react-router-dom";
 import {
   InjectionZoneEntry,
   InjectionZone,
-  CuratorConfig,
+  CuratorPlugin,
   MainMenuItem,
 } from "@curatorjs/studio";
 
 import PlausibleDashboard from "./routes/PlausibleDashboard";
 import icon from "./assets/icon.png";
 
-export default function plausiblePlugin({ sharedLink }: PluginOptions) {
-  return (config: CuratorConfig): CuratorConfig => {
+export default function plausiblePlugin({
+  sharedLink,
+}: PluginOptions): CuratorPlugin {
+  return (config) => {
     return R.evolve({
       zones: R.append<InjectionZoneEntry>({
         zone: InjectionZone.MainMenuBottom,
diff --git a/packages/studio/app/locales/en/translation.json b/packages/studio/app/locales/en/translation.json
index 6d84f56..f3cb217 100644
--- a/packages/studio/app/locales/en/translation.json
+++ b/packages/studio/app/locales/en/translation.json
@@ -185,6 +185,9 @@
   "common.apply": "Apply",
   "common.update": "Update",
   "common.versioning": "Version history",
+  "common.never": "Never",
+  "common.description": "Description",
+  "common.permissions": "Permissions",
 
   "secrets.title": "Secrets",
   "secrets.description": "Key-values with role scoped access.",
@@ -212,5 +215,24 @@
   "versioning.field": "Field",
   "versioning.current": "Current",
   "versioning.selected": "Selected",
-  "versioning.restore": "Restore this version"
+  "versioning.restore": "Restore this version",
+
+  "api_tokens.title": "API tokens",
+  "api_tokens.description": "Generated tokens can consume the API.",
+  "api_tokens.delete_warning": "Once deleted the API key can no longer be used.",
+  "api_tokens.deleted": "API key has been deleted.",
+  "api_tokens.last_used": "Last used",
+  "api_tokens.expires_at": "Expires",
+  "api_tokens.create_api_token": "Create API token",
+  "api_tokens.lifespan": "Token duration",
+  "api_tokens.lifespan_days": "{{days}} days",
+  "api_tokens.unlimited": "Unlimited",
+  "api_tokens.read_only": "Read-only",
+  "api_tokens.full_access": "Full access",
+  "api_tokens.custom": "Custom",
+  "api_tokens.token_not_accessible_anymore": "For security reasons, you can only see your token once.",
+  "api_tokens.generated_description": "Make sure to copy this token, you won't be able to see it again!",
+  "api_tokens.generated_title": "Here is your API key",
+  "api_tokens.regenerate": "Regenerate",
+  "api_tokens.confirm_regeneration": "This will invalidate the current API token."
 }
diff --git a/packages/studio/app/locales/nl/translation.json b/packages/studio/app/locales/nl/translation.json
index dbc3eef..3c67253 100644
--- a/packages/studio/app/locales/nl/translation.json
+++ b/packages/studio/app/locales/nl/translation.json
@@ -187,6 +187,9 @@
   "common.default": "Standaard",
   "common.apply": "Toepassen",
   "common.versioning": "Versiegeschiedenis",
+  "common.never": "Nooit",
+  "common.description": "Omschrijving",
+  "common.permissions": "Rechten",
 
   "secrets.title": "Geheimen",
   "secrets.description": "Sleutel-waarden met toegang op rolbasis.",
@@ -214,5 +217,24 @@
   "versioning.field": "Veld",
   "versioning.current": "Huidig",
   "versioning.selected": "Geselecteerd",
-  "versioning.restore": "Herstel deze versie"
+  "versioning.restore": "Herstel deze versie",
+
+  "api_tokens.title": "API-sleutels",
+  "api_tokens.description": "API-sleutels geven toegang tot de API.",
+  "api_tokens.delete_warning": "Verwijderde API-sleutels kunnen niet meer worden gebruikt.",
+  "api_tokens.deleted": "API-sleutel is verwijderd.",
+  "api_tokens.last_used": "Laatst gebruikt",
+  "api_tokens.expires_at": "Vervalt",
+  "api_tokens.create_api_token": "Maak API-sleutel aan",
+  "api_tokens.lifespan": "Geldigheidsduur sleutel",
+  "api_tokens.lifespan_days": "{{days}} dagen",
+  "api_tokens.unlimited": "Onbeperkt",
+  "api_tokens.read_only": "Alleen-lezen",
+  "api_tokens.full_access": "Volledige toegang",
+  "api_tokens.custom": "Aangepast",
+  "api_tokens.token_not_accessible_anymore": "Om veiligheidsredenen wordt de sleutel niet meer getoond.",
+  "api_tokens.generated_description": "Dit is een goed moment om de sleutel te kopiëren, want hij wordt slechts eenmaal weergegeven!",
+  "api_tokens.generated_title": "Hier is je API-sleutel",
+  "api_tokens.regenerate": "Opnieuw genereren",
+  "api_tokens.confirm_regeneration": "Hierdoor wordt de huidige API-sleutel ongeldig."
 }
diff --git a/packages/studio/app/plugins/api-tokens/index.tsx b/packages/studio/app/plugins/api-tokens/index.tsx
new file mode 100644
index 0000000..7a13290
--- /dev/null
+++ b/packages/studio/app/plugins/api-tokens/index.tsx
@@ -0,0 +1,36 @@
+import React from "react";
+import * as R from "ramda";
+import { RouteObject } from "react-router-dom";
+
+import type { InjectionZoneEntry, CuratorConfig } from "@/types/config";
+import { InjectionZone } from "@/types/config";
+
+import MainMenuItem from "./ui/MainMenuItem";
+import ApiTokens from "./routes/ApiTokens";
+
+/**
+ * Plugin for managing available API tokens.
+ */
+export default function apiTokensPlugin({ weight }: { weight?: number } = {}) {
+  return (config: CuratorConfig): CuratorConfig => {
+    return R.evolve({
+      zones: R.append<InjectionZoneEntry>({
+        zone: InjectionZone.MainMenuSettings,
+        weight: weight ?? 30,
+        render() {
+          return <MainMenuItem />;
+        },
+      }),
+      routes: R.concat<RouteObject[]>([
+        {
+          path: "/settings/api-tokens",
+          element: <ApiTokens />,
+        },
+      ]),
+    })(config);
+  };
+}
+
+interface PluginOptions {
+  sharedLink: string;
+}
diff --git a/packages/studio/app/plugins/api-tokens/routes/ApiTokens/ApiTokenForm.tsx b/packages/studio/app/plugins/api-tokens/routes/ApiTokens/ApiTokenForm.tsx
new file mode 100644
index 0000000..84f8827
--- /dev/null
+++ b/packages/studio/app/plugins/api-tokens/routes/ApiTokens/ApiTokenForm.tsx
@@ -0,0 +1,222 @@
+import React, { useState } from "react";
+import { useTranslation } from "react-i18next";
+import {
+  Alert,
+  Button,
+  Input,
+  message,
+  Modal,
+  Radio,
+  Result,
+  Typography,
+} from "antd";
+import { Form, Formik } from "formik";
+import * as R from "ramda";
+import dayjs from "dayjs";
+
+import { ApiToken } from "@/types/apiToken";
+import useStrapi from "@/hooks/useStrapi";
+import Field from "@/ui/Field";
+import FormField from "@/ui/FormField";
+
+import PermissionsSelect from "./PermissionsSelect";
+
+const ApiTokenForm: React.FC<{
+  item: ApiToken | { id: null };
+  onClose: VoidFunction;
+}> = ({ item, onClose }) => {
+  const { t } = useTranslation();
+  const { sdk, permissions } = useStrapi();
+  const [accessKey, setAccessKey] = useState<string | null>(null);
+  const [modal, contextHolder] = Modal.useModal();
+
+  return (
+    <>
+      {contextHolder}
+      <Formik<
+        Pick<
+          ApiToken,
+          "name" | "description" | "lifespan" | "type" | "permissions"
+        > & { id: number | null }
+      >
+        initialValues={
+          item.id
+            ? item
+            : {
+                id: null,
+                name: "",
+                description: "",
+                lifespan: String(7 * 24 * 60 * 60 * 1_000),
+                type: "read-only",
+                permissions: null,
+              }
+        }
+        onSubmit={async (values) => {
+          try {
+            if (values.id) {
+              await sdk.updateApiToken(values.id, values);
+              onClose();
+            } else {
+              const { accessKey } = await sdk.createApiToken(
+                R.evolve({
+                  lifespan: R.ifElse(R.isEmpty, R.always(null), Number),
+                })(values),
+              );
+              setAccessKey(accessKey);
+            }
+          } catch (e: any) {
+            message.error(e.message);
+          }
+        }}
+      >
+        {({ values, submitForm, isSubmitting }) => (
+          <Modal
+            open
+            title={
+              accessKey
+                ? ""
+                : item.id
+                ? item.name
+                : t("api_tokens.create_api_token")
+            }
+            closeIcon={!accessKey}
+            onCancel={onClose}
+            onOk={submitForm}
+            cancelText={t("common.cancel")}
+            okText={item.id ? t("common.update") : t("common.create")}
+            footer={
+              accessKey ? (
+                <Button onClick={onClose}>{t("common.done")}</Button>
+              ) : undefined
+            }
+            okButtonProps={{ ghost: !R.isNil(item.id) }}
+            confirmLoading={isSubmitting}
+          >
+            {!accessKey ? (
+              <Form className="py-8 space-y-4">
+                {item.id && (
+                  <Alert
+                    type="warning"
+                    icon={<span>🔐</span>}
+                    showIcon
+                    message={t("api_tokens.token_not_accessible_anymore")}
+                    action={
+                      <Button
+                        size="small"
+                        onClick={() => {
+                          modal.confirm({
+                            title: t("phrases.are_you_sure"),
+                            content: t("api_tokens.confirm_regeneration"),
+                            cancelText: t("common.cancel"),
+                            okText: t("api_tokens.regenerate"),
+                            okButtonProps: { danger: true },
+                            onOk: async () => {
+                              try {
+                                const accessKey = await sdk.regenerateApiToken(
+                                  item.id,
+                                );
+                                setAccessKey(accessKey);
+                              } catch (e) {}
+                            },
+                          });
+                        }}
+                      >
+                        {t("api_tokens.regenerate")}
+                      </Button>
+                    }
+                  />
+                )}
+                <FormField label={t("common.name")}>
+                  <Field name="name">
+                    <Input />
+                  </Field>
+                </FormField>
+                <FormField label={t("common.description")}>
+                  <Field name="description">
+                    <Input.TextArea />
+                  </Field>
+                </FormField>
+                <FormField
+                  label={t("api_tokens.lifespan")}
+                  help={
+                    item.id &&
+                    item.expiresAt &&
+                    `${t("api_tokens.expires_at")} ${dayjs(
+                      item.expiresAt,
+                    ).format("l LT")}`
+                  }
+                >
+                  <Field name="lifespan">
+                    <Radio.Group
+                      buttonStyle="solid"
+                      optionType="button"
+                      disabled={!R.isNil(item.id)}
+                      options={[
+                        {
+                          label: t("api_tokens.lifespan_days", { days: 7 }),
+                          value: String(7 * 24 * 60 * 60 * 1_000),
+                        },
+                        {
+                          label: t("api_tokens.lifespan_days", { days: 30 }),
+                          value: String(30 * 24 * 60 * 60 * 1_000),
+                        },
+                        {
+                          label: t("api_tokens.lifespan_days", { days: 90 }),
+                          value: String(90 * 24 * 60 * 60 * 1_000),
+                        },
+                        {
+                          label: t("api_tokens.unlimited"),
+                          value: "",
+                        },
+                      ]}
+                    />
+                  </Field>
+                </FormField>
+                <FormField label={t("common.permissions")}>
+                  <Field name="type">
+                    <Radio.Group
+                      options={[
+                        {
+                          label: t("api_tokens.read_only"),
+                          value: "read-only",
+                        },
+                        {
+                          label: t("api_tokens.full_access"),
+                          value: "full-access",
+                        },
+                        {
+                          label: t("api_tokens.custom"),
+                          value: "custom",
+                        },
+                      ]}
+                    />
+                  </Field>
+                </FormField>
+
+                {values.type === "custom" && (
+                  <Field name="permissions">
+                    <PermissionsSelect />
+                  </Field>
+                )}
+              </Form>
+            ) : (
+              <div>
+                <Result
+                  icon={<span className="text-5xl">🔑</span>}
+                  title={t("api_tokens.generated_title")}
+                  subTitle={t("api_tokens.generated_description")}
+                >
+                  <div className="font-mono">
+                    <Typography.Text copyable>{accessKey}</Typography.Text>
+                  </div>
+                </Result>
+              </div>
+            )}
+          </Modal>
+        )}
+      </Formik>
+    </>
+  );
+};
+
+export default ApiTokenForm;
diff --git a/packages/studio/app/plugins/api-tokens/routes/ApiTokens/ApiTokens.tsx b/packages/studio/app/plugins/api-tokens/routes/ApiTokens/ApiTokens.tsx
new file mode 100644
index 0000000..2ae7108
--- /dev/null
+++ b/packages/studio/app/plugins/api-tokens/routes/ApiTokens/ApiTokens.tsx
@@ -0,0 +1,173 @@
+import React, { useState } from "react";
+import { useTranslation } from "react-i18next";
+import { FontAwesomeIcon } from "@fortawesome/react-fontawesome";
+import { faEllipsisV, faUnlock } from "@fortawesome/free-solid-svg-icons";
+import { Button, Dropdown, Modal, notification, Tag } from "antd";
+import * as R from "ramda";
+import { useAsyncRetry } from "react-use";
+import dayjs from "dayjs";
+
+import { ApiToken } from "@/types/apiToken";
+import useStrapi from "@/hooks/useStrapi";
+import Table from "@/ui/Table";
+
+import CreateButton from "./CreateButton";
+import ApiTokenForm from "./ApiTokenForm";
+import CalendarTime from "@/ui/CalendarTime";
+
+export default function ApiTokens() {
+  const { t } = useTranslation();
+  const { sdk, permissions } = useStrapi();
+  const [edit, setEdit] = useState<ApiToken | null>(null);
+  const [modal, contextHolder] = Modal.useModal();
+  const canUpdate = permissions.some(
+    R.whereEq({ action: "admin::api-tokens.update" }),
+  );
+  const canDelete = permissions.some(
+    R.whereEq({ action: "admin::api-tokens.delete" }),
+  );
+
+  const { value: items = [], retry } = useAsyncRetry(async () => {
+    try {
+      return await sdk.getApiTokens();
+    } catch (e) {}
+  }, [sdk]);
+
+  return (
+    <>
+      {contextHolder}
+      {edit && (
+        <ApiTokenForm
+          item={edit}
+          onClose={() => {
+            setEdit(null);
+            retry();
+          }}
+        />
+      )}
+      <div className="px-4 md:px-12">
+        <div className="flex flex-col lg:flex-row items-center justify-between gap-6 my-12 pb-6 border-b border-0 border-solid border-gray-200">
+          <div className="text-center lg:text-left">
+            <h1 className="mt-0 mb-4">{t("api_tokens.title")}</h1>
+            <div className="text-sm text-gray-600">
+              {t("api_tokens.description")}
+            </div>
+          </div>
+          <CreateButton onCreate={retry} />
+        </div>
+        <Table
+          dataSource={items}
+          rowKey="id"
+          columns={[
+            {
+              key: "name",
+              render({ type, name, description }: ApiToken) {
+                return (
+                  <div className="space-y-2">
+                    <div>
+                      <strong>{name}</strong>
+                    </div>
+                    <div className="text-xs text-gray-500">{description}</div>
+                    <div>
+                      <Tag
+                        bordered={false}
+                        icon={
+                          <FontAwesomeIcon
+                            className="text-xs mr-1.5"
+                            icon={faUnlock}
+                          />
+                        }
+                        color={
+                          {
+                            "read-only": "geekblue",
+                            "full-access": "orange",
+                            custom: "purple",
+                          }[type]
+                        }
+                      >
+                        {t(`api_tokens.${type.replaceAll("-", "_")}`)}
+                      </Tag>
+                    </div>
+                  </div>
+                );
+              },
+            },
+            {
+              key: "lastUsedAt",
+              dataIndex: "lastUsedAt",
+              title: t("api_tokens.last_used"),
+              render(lastUsedAt) {
+                return lastUsedAt ? (
+                  <CalendarTime>{lastUsedAt}</CalendarTime>
+                ) : (
+                  t("common.never")
+                );
+              },
+            },
+            {
+              key: "expiresAt",
+              dataIndex: "expiresAt",
+              title: t("api_tokens.expires_at"),
+              render(expiresAt) {
+                return expiresAt
+                  ? dayjs(expiresAt).format("l LT")
+                  : t("common.never");
+              },
+            },
+            {
+              key: "settings",
+              render(item) {
+                return (
+                  <div className="flex justify-end">
+                    <Dropdown
+                      trigger={["click"]}
+                      menu={{
+                        items: [
+                          canUpdate && {
+                            key: "update",
+                            label: t("common.update"),
+                            async onClick() {
+                              setEdit(item);
+                            },
+                          },
+                          canUpdate && canDelete && { type: "divider" },
+                          canDelete && {
+                            key: "delete",
+                            danger: true,
+                            label: t("common.delete"),
+                            async onClick() {
+                              modal.confirm({
+                                title: t("phrases.are_you_sure"),
+                                content: t("api_tokens.delete_warning"),
+                                okText: t("common.delete"),
+                                cancelText: t("common.cancel"),
+                                okButtonProps: { danger: true },
+                                centered: true,
+                                async onOk() {
+                                  await sdk.deleteApiToken(item.id);
+                                  retry();
+                                  notification.success({
+                                    message: t("api_tokens.deleted"),
+                                  });
+                                },
+                              });
+                            },
+                          },
+                        ].filter(Boolean) as any[],
+                      }}
+                    >
+                      <Button
+                        type="text"
+                        icon={<FontAwesomeIcon icon={faEllipsisV} />}
+                      />
+                    </Dropdown>
+                  </div>
+                );
+              },
+            },
+          ]}
+        />
+      </div>
+    </>
+  );
+}
diff --git a/packages/studio/app/plugins/api-tokens/routes/ApiTokens/CreateButton.tsx b/packages/studio/app/plugins/api-tokens/routes/ApiTokens/CreateButton.tsx
new file mode 100644
index 0000000..313f58e
--- /dev/null
+++ b/packages/studio/app/plugins/api-tokens/routes/ApiTokens/CreateButton.tsx
@@ -0,0 +1,36 @@
+import React, { useState } from "react";
+import { useTranslation } from "react-i18next";
+import { Button } from "antd";
+import * as R from "ramda";
+
+import useStrapi from "@/hooks/useStrapi";
+
+import ApiTokenForm from "./ApiTokenForm";
+
+const CreateButton: React.FC<{ onCreate: VoidFunction }> = ({ onCreate }) => {
+  const { t } = useTranslation();
+  const [form, setForm] = useState(false);
+  const { permissions } = useStrapi();
+  const canCreate = permissions.some(
+    R.whereEq({ action: "admin::api-tokens.create" }),
+  );
+
+  return canCreate ? (
+    <>
+      <Button type="primary" onClick={() => setForm(true)}>
+        {t("api_tokens.create_api_token")}
+      </Button>
+      {form && (
+        <ApiTokenForm
+          item={{ id: null }}
+          onClose={() => {
+            setForm(false);
+            onCreate();
+          }}
+        />
+      )}
+    </>
+  ) : null;
+};
+
+export default CreateButton;
diff --git a/packages/studio/app/plugins/api-tokens/routes/ApiTokens/PermissionsSelect.tsx b/packages/studio/app/plugins/api-tokens/routes/ApiTokens/PermissionsSelect.tsx
new file mode 100644
index 0000000..efa8eb5
--- /dev/null
+++ b/packages/studio/app/plugins/api-tokens/routes/ApiTokens/PermissionsSelect.tsx
@@ -0,0 +1,41 @@
+import React from "react";
+import { Select } from "antd";
+import useStrapi from "@/hooks/useStrapi";
+import { useAsync } from "react-use";
+import { PermissionConfig } from "@/types/permission";
+import * as R from "ramda";
+
+const PermissionsSelect: React.FC<{
+  onChange?(): void;
+  value?: string[];
+}> = ({ value, onChange }) => {
+  const { sdk } = useStrapi();
+
+  const { value: items = [] } = useAsync(async () => {
+    try {
+      const permissions = await sdk.getAllPermissions();
+
+      return R.sortBy(
+        R.identity,
+        Object.entries(permissions).flatMap(
+          ([namespace, config]: [string, PermissionConfig]) =>
+            Object.entries(config.controllers).flatMap(([scope, perms]) =>
+              perms.flatMap((perm) => `${namespace}.${scope}.${perm}`),
+            ),
+        ),
+      );
+    } catch (e) {}
+  }, [sdk]);
+
+  return (
+    <Select
+      value={value ?? []}
+      onChange={onChange}
+      mode="multiple"
+      className="w-full"
+      options={items.map((perm) => ({ label: perm, value: perm }))}
+    />
+  );
+};
+
+export default PermissionsSelect;
diff --git a/packages/studio/app/plugins/api-tokens/routes/ApiTokens/index.tsx b/packages/studio/app/plugins/api-tokens/routes/ApiTokens/index.tsx
new file mode 100644
index 0000000..b8e2f53
--- /dev/null
+++ b/packages/studio/app/plugins/api-tokens/routes/ApiTokens/index.tsx
@@ -0,0 +1,24 @@
+import React from "react";
+import { useTranslation } from "react-i18next";
+import { Alert } from "antd";
+import * as R from "ramda";
+
+import useStrapi from "@/hooks/useStrapi";
+
+import ApiTokens from "./ApiTokens";
+
+export default function ApiTokensScreen() {
+  const { t } = useTranslation();
+  const { permissions } = useStrapi();
+  const hasPermission = permissions.some(
+    R.whereEq({ action: "plugin::i18n.locale.read" }),
+  );
+
+  return hasPermission ? (
+    <ApiTokens />
+  ) : (
+    <div className="mt-24 px-4 md:px-12">
+      <Alert type="warning" description={t("phrases.no_view_permission")} />
+    </div>
+  );
+}
diff --git a/packages/studio/app/plugins/api-tokens/ui/MainMenuItem.tsx b/packages/studio/app/plugins/api-tokens/ui/MainMenuItem.tsx
new file mode 100644
index 0000000..1b96d83
--- /dev/null
+++ b/packages/studio/app/plugins/api-tokens/ui/MainMenuItem.tsx
@@ -0,0 +1,25 @@
+import React from "react";
+import { useTranslation } from "react-i18next";
+import * as R from "ramda";
+import { FontAwesomeIcon } from "@fortawesome/react-fontawesome";
+import { faKey } from "@fortawesome/free-solid-svg-icons";
+import { Link } from "react-router-dom";
+
+import useStrapi from "@/hooks/useStrapi";
+
+const MainMenuItem: React.FC = () => {
+  const { t } = useTranslation();
+  const { permissions } = useStrapi();
+  const hasPermission = permissions.some(
+    R.whereEq({ action: "admin::api-tokens.read" }),
+  );
+
+  return hasPermission ? (
+    <Link to="/settings/api-tokens" className="space-x-2">
+      <FontAwesomeIcon icon={faKey} />
+      <span>{t("api_tokens.title")}</span>
+    </Link>
+  ) : null;
+};
+
+export default MainMenuItem;
diff --git a/packages/studio/app/plugins/internationalization/routes/Internationalization/Internationalization.tsx b/packages/studio/app/plugins/internationalization/routes/Internationalization/Internationalization.tsx
index 2a76785..3e9bd0d 100644
--- a/packages/studio/app/plugins/internationalization/routes/Internationalization/Internationalization.tsx
+++ b/packages/studio/app/plugins/internationalization/routes/Internationalization/Internationalization.tsx
@@ -9,7 +9,6 @@ import useStrapi from "@/hooks/useStrapi";
 import Table from "@/ui/Table";
 
 import CreateButton from "./CreateButton";
-import Boolean from "@/plugins/content-manager/ui/fields/Boolean";
 
 export default function Internationalization() {
   const { t, i18n } = useTranslation();
diff --git a/packages/studio/app/plugins/internationalization/routes/Internationalization/index.tsx b/packages/studio/app/plugins/internationalization/routes/Internationalization/index.tsx
index 8502b5f..93bbc38 100644
--- a/packages/studio/app/plugins/internationalization/routes/Internationalization/index.tsx
+++ b/packages/studio/app/plugins/internationalization/routes/Internationalization/index.tsx
@@ -7,7 +7,7 @@ import useStrapi from "@/hooks/useStrapi";
 
 import Internationalization from "./Internationalization";
 
-export default function TeamScreen() {
+export default function InternationalizationScreen() {
   const { t } = useTranslation();
   const { permissions } = useStrapi();
   const hasPermission = permissions.some(
diff --git a/packages/studio/app/types/apiToken.ts b/packages/studio/app/types/apiToken.ts
new file mode 100644
index 0000000..a47fd52
--- /dev/null
+++ b/packages/studio/app/types/apiToken.ts
@@ -0,0 +1,13 @@
+export interface ApiToken {
+  id: number;
+  name: string;
+  description: string;
+  lifespan: number | string | null;
+  permissions: null | string[];
+  type: "read-only" | "full-access" | "custom";
+  accessKey: string;
+  createdAt: string;
+  updatedAt: string;
+  expiresAt: string | null;
+  lastUsedAt: string | null;
+}
diff --git a/packages/studio/app/types/permission.ts b/packages/studio/app/types/permission.ts
index 35d37b6..2e8198e 100644
--- a/packages/studio/app/types/permission.ts
+++ b/packages/studio/app/types/permission.ts
@@ -14,3 +14,9 @@ export interface UserRole {
   description: string;
   name: string;
 }
+
+export interface PermissionConfig {
+  controllers: {
+    [name: string]: string[];
+  };
+}
diff --git a/packages/studio/app/ui/MainMenu/SettingsMenu.tsx b/packages/studio/app/ui/MainMenu/SettingsMenu.tsx
index 03d5af0..e248a40 100644
--- a/packages/studio/app/ui/MainMenu/SettingsMenu.tsx
+++ b/packages/studio/app/ui/MainMenu/SettingsMenu.tsx
@@ -3,7 +3,7 @@ import { useTranslation } from "react-i18next";
 import { Dropdown } from "antd";
 import * as R from "ramda";
 import { FontAwesomeIcon } from "@fortawesome/react-fontawesome";
-import { faCog, faKey } from "@fortawesome/free-solid-svg-icons";
+import { faCog, faShieldHalved } from "@fortawesome/free-solid-svg-icons";
 
 import { InjectionZone } from "@/types/config";
 import useCurator from "@/hooks/useCurator";
@@ -40,7 +40,7 @@ const SettingsMenu: React.FC = () => {
           () => !!config.secrets && canRead,
           R.append({
             key: "secrets",
-            icon: <FontAwesomeIcon icon={faKey} />,
+            icon: <FontAwesomeIcon icon={faShieldHalved} />,
             label: t("secrets.title"),
             onClick() {
               navigate("/settings/secrets");
diff --git a/packages/studio/app/utils/sdk.ts b/packages/studio/app/utils/sdk.ts
index 1ef248f..7cc29d4 100644
--- a/packages/studio/app/utils/sdk.ts
+++ b/packages/studio/app/utils/sdk.ts
@@ -8,9 +8,10 @@ import { SessionUser } from "@/types/session";
 import { MediaFolder, MediaFolderStructure, MediaItem } from "@/types/media";
 import { PaginatedResponse } from "@/types/response";
 import { GetManyParams, GetMediaParams } from "@/types/request";
-import { Permission, UserRole } from "@/types/permission";
+import { Permission, PermissionConfig, UserRole } from "@/types/permission";
 import { AdminUser } from "@/types/adminUser";
 import { Version } from "@/types/versioning";
+import { ApiToken } from "@/types/apiToken";
 
 export class StrapiSdk {
   public apiUrl: string;
@@ -347,6 +348,14 @@ export class StrapiSdk {
     return data.data;
   }
 
+  public async getAllPermissions() {
+    const { data } = await this.http.get<{
+      data: Record<string, PermissionConfig>;
+    }>("/admin/content-api/permissions");
+
+    return data.data;
+  }
+
   public async getAdminUsers(params: GetManyParams) {
     const { data } = await this.http.get<{
       data: PaginatedResponse<AdminUser>;
@@ -441,6 +450,62 @@ export class StrapiSdk {
     return data;
   }
 
+  /**
+   * API tokens CRUD methods.
+   */
+  public async getApiTokens() {
+    const { data } = await this.http.get<{ data: ApiToken[] }>(
+      "/admin/api-tokens",
+    );
+
+    return R.sortWith([R.descend(R.prop("id"))], data.data);
+  }
+
+  public async createApiToken(
+    payload: Pick<
+      ApiToken,
+      "name" | "description" | "lifespan" | "permissions" | "type"
+    >,
+  ) {
+    const { data } = await this.http.post<{ data: ApiToken }>(
+      "/admin/api-tokens",
+      payload,
+    );
+
+    return data.data;
+  }
+
+  public async updateApiToken(
+    id: number,
+    {
+      name,
+      description,
+      type,
+      permissions,
+    }: Pick<ApiToken, "name" | "description" | "type" | "permissions">,
+  ) {
+    const { data } = await this.http.put<ApiToken>(`/admin/api-tokens/${id}`, {
+      name,
+      description,
+      type,
+      permissions,
+    });
+
+    return data;
+  }
+
+  public async deleteApiToken(id: number) {
+    await this.http.delete(`/admin/api-tokens/${id}`);
+  }
+
+  public async regenerateApiToken(id: number) {
+    const { data } = await this.http.post<{ data: { accessKey: string } }>(
+      `/admin/api-tokens/${id}/regenerate`,
+    );
+
+    return data.data.accessKey;
+  }
+
   /**
    * Secrets service.
    *
diff --git a/packages/studio/index.ts b/packages/studio/index.ts
index 985cd77..dcd372c 100644
--- a/packages/studio/index.ts
+++ b/packages/studio/index.ts
@@ -9,6 +9,7 @@ export { default as dashboardPlugin } from "./app/plugins/dashboard";
 export { default as teamManagerPlugin } from "./app/plugins/team-manager";
 export { default as internationalizationPlugin } from "./app/plugins/internationalization";
 export { default as auditPlugin } from "./app/plugins/audit";
+export { default as apiTokensPlugin } from "./app/plugins/api-tokens";
 
 // Types
 export type {
@@ -18,6 +19,7 @@ export type {
 } from "./app/types/config";
 export type { ContentTypeConfig } from "./app/types/contentTypeConfig";
 export type { SessionUser } from "./app/types/session";
+export type { CuratorPlugin } from "./app/types/plugin";
 
 // Enum types
 export { InjectionZone } from "./app/types/config";