From 562f8788c91b0dab22a20925d24a6ab35716a342 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?M=C3=A9gane=20Lacheny?= <megane.lacheny@strapi.io>
Date: Thu, 28 Oct 2021 14:45:34 +0200
Subject: [PATCH 1/4] Write documentation for API tokens settings

---
 .../settings/managing-global-settings.md      | 36 ++++++++++++++++++-
 1 file changed, 35 insertions(+), 1 deletion(-)

diff --git a/docs/user-docs/latest/settings/managing-global-settings.md b/docs/user-docs/latest/settings/managing-global-settings.md
index dbc57dce8b..23e0e8807f 100644
--- a/docs/user-docs/latest/settings/managing-global-settings.md
+++ b/docs/user-docs/latest/settings/managing-global-settings.md
@@ -50,4 +50,38 @@ To add a new locale:
 2. In the locale addition window, choose your new locale among the *Locales* drop-down list. The latter lists alphabetically all locales, displayed as their ISO code, that can be added to your Strapi application.
 3. (optional) In the *Locale display name* textbox, write a new display name for your new locale.
 4. (optional) In the Advanced settings tab, tick the *Set as default locale* setting to make your new locale the default one for your Strapi application.
-5. Click on the **Add locale** button to confirm the addition of your new locale.
\ No newline at end of file
+5. Click on the **Add locale** button to confirm the addition of your new locale.
+
+## Managing API tokens
+
+API tokens allow Content API users to authenticate their queries. Administrators can manage API tokens through the *Global settings > API Tokens* sub-section of the settings interface.
+
+<!-- screenshot -->
+
+The *API Tokens* settings sub-section displays a table listing all created API tokens.
+
+For each API token, the table displays its name, description, type and date of creation. From the table, administrators can also:
+
+- Click on the edit button to edit an API token's name, description or type
+- Click on the trash button to delete an API token
+
+### Creating a new API token
+
+Administrators can create new API tokens, all permanent tokens that cannot be regenerated or revoked.
+
+To create a new API token:
+
+1. Click on the **Add new entry** button.
+2. In the API token edition interface, configure the new API token:
+
+| Setting name | Instructions                                              |
+|--------------|-----------------------------------------------------------|
+| Name         | Write the name of the API token.                          |
+| Description  | (optional) Write a description for the API token.         |
+| Token type   | Choose a token type: either *Read-only* or *Full access*. |
+
+3. Click on the **Save** button. The new API token will be displayed at the top of the interface, along with a copy button.
+
+::: caution
+For security purposes, API tokens are only shown right after they have been created. When refreshing the page or navigating elsewhere in the admin panel, the newly created API token will be hidden and will not be displayed again.
+:::
\ No newline at end of file

From 0f9ca0451a4ef9f2a283641637a7c4dac16598e9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?M=C3=A9gane=20Lacheny?= <megane.lacheny@strapi.io>
Date: Thu, 28 Oct 2021 15:14:59 +0200
Subject: [PATCH 2/4] Document API tokens CRUD actions in Admin roles

---
 .../users-roles-permissions/configuring-administrator-roles.md   | 1 +
 1 file changed, 1 insertion(+)

diff --git a/docs/user-docs/latest/users-roles-permissions/configuring-administrator-roles.md b/docs/user-docs/latest/users-roles-permissions/configuring-administrator-roles.md
index 131dfa80d8..d70c1e39b3 100644
--- a/docs/user-docs/latest/users-roles-permissions/configuring-administrator-roles.md
+++ b/docs/user-docs/latest/users-roles-permissions/configuring-administrator-roles.md
@@ -135,6 +135,7 @@ Settings permissions can be configured for all settings accessible from *General
 | Plugins and Marketplace | <ul><li>Marketplace</li><ul><li>"Access the Marketplace" - gives access to the Marketplace</li></ul></ul><ul><li>Plugins</li><ul><li>"Install (only for dev env)" - allows to install new plugins when in a development environment</li><li>"Uninstall (only for dev env)" - allows to uninstall plugins when in a development environment</li></ul></ul> |    
 | Webhooks | <ul><li>General</li><ul><li>"Create" - allows to create webhooks</li><li>"Read" - allows to see created webhooks</li><li>"Update" - allows to edit webhooks</li><li>"Delete" - allows to delete webhooks</li></ul></ul> 👉 Path reminder to Webhook settings: <br> *General > Settings > Global Settings - Webhook* |
 | Users and Roles | <ul><li>Users</li><ul><li>"Create (invite)" - allows to create administrator accounts</li><li>"Read" - allows to see existing administrator accounts</li><li>"Update" - allows to edit administrator accounts</li><li>"Delete" - allows to delete administrator accounts</li></ul></ul><ul><li>Roles</li><ul><li>"Create" - allows to create administrator roles</li><li>"Read" - allows to see created administrator roles</li><li>"Update" - allows to edit administrator roles</li><li>"Delete" - allows to delete administrator roles</li></ul></ul> 👉 Path reminder to the RBAC feature: <br> *General > Settings > Administration Panel* |
+| API tokens | <ul><li>General</li><ul><li>"Create (generate)" - allows to create API tokens</li><li>"Read" - allows to see created API tokens</li><li>"Update" - allows to edit API tokens' settings</li><li>"Delete" - allows to delete API tokens</li></ul></ul> 👉 Path reminder to API tokens settings: <br> *General > Settings > Global Settings - API Tokens* |
 
 :::
 

From 650dec9e06d07978ed0b0d0f165a534b05b48600 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?M=C3=A9gane=20Lacheny?= <megane.lacheny@strapi.io>
Date: Thu, 28 Oct 2021 16:04:08 +0200
Subject: [PATCH 3/4] Improve API token doc

---
 .../latest/settings/managing-global-settings.md      | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/docs/user-docs/latest/settings/managing-global-settings.md b/docs/user-docs/latest/settings/managing-global-settings.md
index 23e0e8807f..81d094e6c0 100644
--- a/docs/user-docs/latest/settings/managing-global-settings.md
+++ b/docs/user-docs/latest/settings/managing-global-settings.md
@@ -54,7 +54,7 @@ To add a new locale:
 
 ## Managing API tokens
 
-API tokens allow Content API users to authenticate their queries. Administrators can manage API tokens through the *Global settings > API Tokens* sub-section of the settings interface.
+API tokens allow users to authenticate their Content API queries (see Developer Documentation). Administrators can manage API tokens through the *Global settings > API Tokens* sub-section of the settings interface.
 
 <!-- screenshot -->
 
@@ -62,12 +62,12 @@ The *API Tokens* settings sub-section displays a table listing all created API t
 
 For each API token, the table displays its name, description, type and date of creation. From the table, administrators can also:
 
-- Click on the edit button to edit an API token's name, description or type
-- Click on the trash button to delete an API token
+- Click on the edit button <!-- icon --> to edit an API token's name, description or type
+- Click on the delete button <!-- icon --> to delete an API token
 
 ### Creating a new API token
 
-Administrators can create new API tokens, all permanent tokens that cannot be regenerated or revoked.
+All API tokens created by administrators of the Strapi application are permanent tokens that cannot be regenerated or revoked.
 
 To create a new API token:
 
@@ -80,8 +80,8 @@ To create a new API token:
 | Description  | (optional) Write a description for the API token.         |
 | Token type   | Choose a token type: either *Read-only* or *Full access*. |
 
-3. Click on the **Save** button. The new API token will be displayed at the top of the interface, along with a copy button.
+3. Click on the **Save** button. The new API token will be displayed at the top of the interface, along with a copy button <!-- icon -->.
 
 ::: caution
-For security purposes, API tokens are only shown right after they have been created. When refreshing the page or navigating elsewhere in the admin panel, the newly created API token will be hidden and will not be displayed again.
+For security reasons, API tokens are only shown right after they have been created. When refreshing the page or navigating elsewhere in the admin panel, the newly created API token will be hidden and will not be displayed again.
 :::
\ No newline at end of file

From 0239a2a472645b58696cbac671042a1264d7b2bb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?M=C3=A9gane=20Lacheny?= <megane.lacheny@strapi.io>
Date: Wed, 3 Nov 2021 09:47:05 +0100
Subject: [PATCH 4/4] Improve after reviews

---
 docs/user-docs/latest/settings/managing-global-settings.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/user-docs/latest/settings/managing-global-settings.md b/docs/user-docs/latest/settings/managing-global-settings.md
index 81d094e6c0..7af1389e21 100644
--- a/docs/user-docs/latest/settings/managing-global-settings.md
+++ b/docs/user-docs/latest/settings/managing-global-settings.md
@@ -67,7 +67,7 @@ For each API token, the table displays its name, description, type and date of c
 
 ### Creating a new API token
 
-All API tokens created by administrators of the Strapi application are permanent tokens that cannot be regenerated or revoked.
+All API tokens created by administrators of the Strapi application are permanent tokens that cannot be regenerated.
 
 To create a new API token: