diff --git a/docs/.vuepress/config.js b/docs/.vuepress/config.js
index 45eb3627a0..1748aa1927 100644
--- a/docs/.vuepress/config.js
+++ b/docs/.vuepress/config.js
@@ -58,6 +58,7 @@ const sidebar = {
title: 'Optional configurations',
collapsable: true,
children: [
+ ['/developer-docs/latest/setup-deployment-guides/configurations/optional/api-tokens.md', 'API tokens'],
['/developer-docs/latest/setup-deployment-guides/configurations/optional/functions.md', 'Functions'],
['/developer-docs/latest/setup-deployment-guides/configurations/optional/cronjobs.md', 'Cron jobs'],
['/developer-docs/latest/setup-deployment-guides/configurations/optional/api.md', 'API'],
diff --git a/docs/developer-docs/latest/development/backend-customization/policies.md b/docs/developer-docs/latest/development/backend-customization/policies.md
index c1747cfa15..93863f3f24 100644
--- a/docs/developer-docs/latest/development/backend-customization/policies.md
+++ b/docs/developer-docs/latest/development/backend-customization/policies.md
@@ -65,7 +65,7 @@ To apply policies to a route, add them to its configuration object (see [routes
Policies are called different ways depending on their scope:
- use `global::policy-name` for [global policies](#global-policies)
-- use `api::api-name.policy-name` for [API policies](#API-policies)
+- use `api::api-name.policy-name` for [API policies](#api-policies)
- use `plugin::plugin-name.policy-name` for [plugin policies](#plugin-policies)
::: tip
diff --git a/docs/developer-docs/latest/development/backend-customization/routes.md b/docs/developer-docs/latest/development/backend-customization/routes.md
index c76f77ff93..0b8c8b8fb1 100644
--- a/docs/developer-docs/latest/development/backend-customization/routes.md
+++ b/docs/developer-docs/latest/development/backend-customization/routes.md
@@ -279,7 +279,7 @@ module.exports = {
### Public routes
-By default, routes are protected by Strapi's authentication system, which is based on [API tokens](/developer-docs/latest/setup-deployment-guides/configurations/required/admin-panel.md#api-tokens) or on the use of the [Users & Permissions plugin](/user-docs/latest/plugins/strapi-plugins.md#users-permissions-plugin).
+By default, routes are protected by Strapi's authentication system, which is based on [API tokens](/developer-docs/latest/setup-deployment-guides/configurations/optional/api-tokens.md) or on the use of the [Users & Permissions plugin](/user-docs/latest/plugins/strapi-plugins.md#users-permissions-plugin).
In some scenarios, it can be useful to have a route publicly available and control the access outside of the normal Strapi authentication system. This can be achieved by setting the `auth` configuration parameter of a route to `false`:
diff --git a/docs/developer-docs/latest/plugins/graphql.md b/docs/developer-docs/latest/plugins/graphql.md
index 7a1f8efa08..87899bc071 100644
--- a/docs/developer-docs/latest/plugins/graphql.md
+++ b/docs/developer-docs/latest/plugins/graphql.md
@@ -384,7 +384,7 @@ When [extending the GraphQL schema](#extending-the-schema), the `resolversConfig
##### Authorization configuration
-By default, the authorization of a GraphQL request is handled by the registered authorization strategy that can be either [API token](/developer-docs/latest/setup-deployment-guides/configurations/required/admin-panel.md#api-tokens) or through the [Users & Permissions plugin](#usage-with-the-users-permissions-plugin). The Users & Permissions plugin offers a more granular control.
+By default, the authorization of a GraphQL request is handled by the registered authorization strategy that can be either [API token](/developer-docs/latest/setup-deployment-guides/configurations/optional/api-tokens.md) or through the [Users & Permissions plugin](#usage-with-the-users-permissions-plugin). The Users & Permissions plugin offers a more granular control.
::: details Authorization with the Users & Permissions plugin
With the Users & Permissions plugin, a GraphQL request is allowed if the appropriate permissions are given.
diff --git a/docs/developer-docs/latest/setup-deployment-guides/configurations.md b/docs/developer-docs/latest/setup-deployment-guides/configurations.md
index 25d9ffab40..0b5d736d85 100644
--- a/docs/developer-docs/latest/setup-deployment-guides/configurations.md
+++ b/docs/developer-docs/latest/setup-deployment-guides/configurations.md
@@ -64,6 +64,7 @@ Some parts of Strapi must be configured for the Strapi application to work prope
Strapi also offers the following optional configuration options for specific features:
+- [API tokens](/developer-docs/latest/setup-deployment-guides/configurations/optional/api-tokens.md)
- [functions](/developer-docs/latest/setup-deployment-guides/configurations/optional/functions.md)
- [cron jobs](/developer-docs/latest/setup-deployment-guides/configurations/optional/cronjobs.md)
- [API calls](/developer-docs/latest/setup-deployment-guides/configurations/optional/api.md)
@@ -72,4 +73,3 @@ Strapi also offers the following optional configuration options for specific fea
- [public assets](/developer-docs/latest/setup-deployment-guides/configurations/optional/public-assets.md)
- [Single Sign-On](/developer-docs/latest/setup-deployment-guides/configurations/optional/sso.md)
- [Role-Based Access Control](/developer-docs/latest/setup-deployment-guides/configurations/optional/rbac.md)
-
diff --git a/docs/developer-docs/latest/setup-deployment-guides/configurations/optional/api-tokens.md b/docs/developer-docs/latest/setup-deployment-guides/configurations/optional/api-tokens.md
new file mode 100644
index 0000000000..4b9592d675
--- /dev/null
+++ b/docs/developer-docs/latest/setup-deployment-guides/configurations/optional/api-tokens.md
@@ -0,0 +1,31 @@
+---
+title: API tokens - Strapi Developer Docs
+description:
+---
+
+# API tokens
+
+Authentication strategies in Strapi can either be based on the use of the [Users & Permissions plugin](/user-docs/latest/users-roles-permissions/introduction-to-users-roles-permissions.md) or on the built-in API token feature.
+
+Using API tokens allows executing a request on [REST API](/developer-docs/latest/developer-resources/database-apis-reference/rest-api.md) endpoints as an authenticated user.
+
+## Creation
+
+New API tokens are generated from the [admin panel](/user-docs/latest/settings/managing-global-settings.md#managing-api-tokens).
+
+## Usage
+
+When performing a request to Strapi's [REST API](/developer-docs/latest/developer-resources/database-apis-reference/rest-api.md), the API token should be added to the request's `Authorization` header with the following syntax: `bearer your-api-token`.
+
+## Configuration
+
+New API tokens are generated using a salt. This salt is automatically generated by Strapi and stored in `./config/admin.js` as `apiToken.salt`.
+
+The salt can be customized:
+
+- either by updating the string value for `apiToken.salt` in `./config/admin.js` (see [admin panel configuration documentation](/developer-docs/latest/setup-deployment-guides/configurations/required/admin-panel.md))
+- or by creating an `API_TOKEN_SALT` [environment variable](/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.md#environment-variables) in the `.env` file of the project
+
+::: caution
+Changing the salt invalidates all the existing API tokens.
+:::
diff --git a/docs/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.md b/docs/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.md
index 36c773ebb5..f14697f0e2 100644
--- a/docs/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.md
+++ b/docs/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.md
@@ -69,7 +69,7 @@ Some settings can only be modified through environment variables:
| `BROWSER` | Boolean | Open the admin panel in the browser after startup | `true` |
| `ENV_PATH` | String | Path to the file that contains your environment variables | `'./.env'` |
| `STRAPI_PLUGIN_I18N_INIT_LOCALE_CODE`
_Optional_| String | Initialization locale for the app, if the [Internationalization (i18n) plugin](/developer-docs/latest/plugins/i18n.md) is installed and enabled on Content-Types (see [Configuration of i18n in production environments](/developer-docs/latest/plugins/i18n.md#configuration-in-production-environments)) | `'en'` |
-| `API_TOKEN_SALT`
_Optional_ | String | Salt to use to generate [API tokens](/developer-docs/latest/setup-deployment-guides/configurations/required/admin-panel.md#api-tokens) | - |
+| `API_TOKEN_SALT`
_Optional_ | String | Salt to use to generate [API tokens](/developer-docs/latest/setup-deployment-guides/configurations/optional/api-tokens.md) | - |
### Configuration using environment variables
diff --git a/docs/developer-docs/latest/setup-deployment-guides/configurations/required/admin-panel.md b/docs/developer-docs/latest/setup-deployment-guides/configurations/required/admin-panel.md
index 54aac9f762..441ca07fd4 100644
--- a/docs/developer-docs/latest/setup-deployment-guides/configurations/required/admin-panel.md
+++ b/docs/developer-docs/latest/setup-deployment-guides/configurations/required/admin-panel.md
@@ -6,13 +6,42 @@ canonicalUrl: https://docs.strapi.io/developer-docs/latest/setup-deployment-guid
# Admin panel configuration
-The `./config/admin.js` is used to define admin panel configuration for the Strapi application. This file should at least include configurations for authentication and [API tokens](#api-tokens).
+The `./config/admin.js` is used to define admin panel configuration for the Strapi application.
+
+## Available options
+
+ The `./config/admin.js` file can include the following parameters:
+
+| Parameter | Description | Type | Default |
+| --------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | -------------------------------------------------------------------------------------------------------------------------------- |
+| `apiToken.salt` | Salt used to generate [API tokens](/developer-docs/latest/setup-deployment-guides/configurations/optional/api-tokens.md) | String | (A random string
generated
by Strapi) |
+| `auth` | Authentication configuration | Object | - |
+| `auth.secret` | Secret used to encode JWT tokens | string | `undefined` |
+| `auth.events` | Record of all the events subscribers registered for the authentication | object | `{}` |
+| `auth.events.onConnectionSuccess` | Function called when an admin user log in successfully to the administration panel | function | `undefined` |
+| `auth.events.onConnectionError` | Function called when an admin user fails to log in to the administration panel | function | `undefined` |
+| `url` | Url of your admin panel. Default value: `/admin`. Note: If the url is relative, it will be concatenated with `url`. | string | `/admin` |
+| `autoOpen` | Enable or disabled administration opening on start. | boolean | `true` |
+| `watchIgnoreFiles` | Add custom files that should not be watched during development. See more [here](https://github.com/paulmillr/chokidar#path-filtering) (property `ignored`). | Array(string) | `[]` |
+| `host` | Use a different host for the admin panel. Only used along with `strapi develop --watch-admin` | string | `localhost` |
+| `port` | Use a different port for the admin panel. Only used along with `strapi develop --watch-admin` | string | `8000` |
+| `serveAdminPanel` | If false, the admin panel won't be served. Note: the `index.html` will still be served, see [defaultIndex option](/developer-docs/latest/setup-deployment-guides/configurations/required/middlewares.md) | boolean | `true` |
+| `forgotPassword` | Settings to customize the forgot password email (see more here: [Forgot Password Email](/developer-docs/latest/development/admin-customization.md#forgotten-password-email)) | Object | {} |
+| `forgotPassword.emailTemplate` | Email template as defined in [email plugin](/developer-docs/latest/plugins/email.md#programmatic-usage) | Object | [Default template](https://github.com/strapi/strapi/tree/master/packages/strapi-admin/config/email-templates/forgot-password.js) |
+| `forgotPassword.from` | Sender mail address | string | Default value defined in your [provider configuration](/developer-docs/latest/plugins/email.md#configure-the-plugin) |
+| `forgotPassword.replyTo` | Default address or addresses the receiver is asked to reply to | string | Default value defined in your [provider configuration](/developer-docs/latest/plugins/email.md#configure-the-plugin) |
+
+## Configurations
+
+The `./config/admin.js` file should at least include a minimal configuration with required parameters for authentication and [API tokens](/developer-docs/latest/setup-deployment-guides/configurations/optional/api-tokens.md). Additional parameters can be included for a full configuration.
+
+:::note
+[Environmental configurations](/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.md) (i.e. using the `env()` helper) do not need to contain all the values so long as they exist in the default `./config/server.js`.
+:::
:::: tabs card
::: tab Minimal configuration
-## Minimal configuration
-
The default configuration created with any new project should at least include the following:
```js
@@ -33,8 +62,6 @@ module.exports = ({ env }) => ({
::: tab Full configuration
-## Full configuration
-
```js
// path: ./config/admin.js
@@ -73,42 +100,3 @@ module.exports = ({ env }) => ({
:::
::::
-## Available options
-
- The `./config/admin.js` file can include the following parameters:
-
-| Parameter | Description | Type | Default |
-| --------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | -------------------------------------------------------------------------------------------------------------------------------- |
-| `apiToken.salt` | Salt used to generate [API tokens](#api-tokens) | String | (A random string
generated
by Strapi) |
-| `auth` | Authentication configuration | Object | - |
-| `auth.secret` | Secret used to encode JWT tokens | string | `undefined` |
-| `auth.events` | Record of all the events subscribers registered for the authentication | object | `{}` |
-| `auth.events.onConnectionSuccess` | Function called when an admin user log in successfully to the administration panel | function | `undefined` |
-| `auth.events.onConnectionError` | Function called when an admin user fails to log in to the administration panel | function | `undefined` |
-| `url` | Url of your admin panel. Default value: `/admin`. Note: If the url is relative, it will be concatenated with `url`. | string | `/admin` |
-| `autoOpen` | Enable or disabled administration opening on start. | boolean | `true` |
-| `watchIgnoreFiles` | Add custom files that should not be watched during development. See more [here](https://github.com/paulmillr/chokidar#path-filtering) (property `ignored`). | Array(string) | `[]` |
-| `host` | Use a different host for the admin panel. Only used along with `strapi develop --watch-admin` | string | `localhost` |
-| `port` | Use a different port for the admin panel. Only used along with `strapi develop --watch-admin` | string | `8000` |
-| `serveAdminPanel` | If false, the admin panel won't be served. Note: the `index.html` will still be served, see [defaultIndex option](/developer-docs/latest/setup-deployment-guides/configurations/required/middlewares.md) | boolean | `true` |
-| `forgotPassword` | Settings to customize the forgot password email (see more here: [Forgot Password Email](/developer-docs/latest/development/admin-customization.md#forgotten-password-email)) | Object | {} |
-| `forgotPassword.emailTemplate` | Email template as defined in [email plugin](/developer-docs/latest/plugins/email.md#programmatic-usage) | Object | [Default template](https://github.com/strapi/strapi/tree/master/packages/strapi-admin/config/email-templates/forgot-password.js) |
-| `forgotPassword.from` | Sender mail address | string | Default value defined in your [provider configuration](/developer-docs/latest/plugins/email.md#configure-the-plugin) |
-| `forgotPassword.replyTo` | Default address or addresses the receiver is asked to reply to | string | Default value defined in your [provider configuration](/developer-docs/latest/plugins/email.md#configure-the-plugin) |
-
-## API tokens
-
-Authentication strategies in Strapi can either be based on the use of the [Users & Permissions plugin](/user-docs/latest/users-roles-permissions/introduction-to-users-roles-permissions.md) or on the built-in [API token](/user-docs/latest/settings/managing-global-settings.md#managing-api-tokens) feature.
-
-Using API tokens allows executing a request on [REST API](/developer-docs/latest/developer-resources/database-apis-reference/rest-api.md) endpoints as an authenticated user. The API token should be added to the request's `Authorization` header with the following syntax: `bearer your-api-token`.
-
-New API tokens are generated from the admin panel using a salt. This salt is automatically generated by Strapi and stored in `./config/admin.js` as `apiToken.salt`.
-
-The salt can be customized:
-
-- either by updating the string value for `apiToken.salt` in `./config/admin.js`
-- or by creating an `API_TOKEN_SALT` [environment variable](/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.md#environment-variables) in the `.env` file of the project
-
-::: caution
-Changing the salt invalidates all the existing API tokens.
-:::
diff --git a/docs/developer-docs/latest/setup-deployment-guides/configurations/required/databases.md b/docs/developer-docs/latest/setup-deployment-guides/configurations/required/databases.md
index 8566f0dfbc..34c4d2d585 100644
--- a/docs/developer-docs/latest/setup-deployment-guides/configurations/required/databases.md
+++ b/docs/developer-docs/latest/setup-deployment-guides/configurations/required/databases.md
@@ -9,7 +9,7 @@ canonicalUrl: https://docs.strapi.io/developer-docs/latest/setup-deployment-guid
The `./config/database.js` file is used to define database connections that will be used to store the application content.
:::strapi Supported databases
-The CLI installation guide details [supported database and versions](http://localhost:8080/documentation/developer-docs/latest/setup-deployment-guides/installation/cli.md#preparing-the-installation).
+The CLI installation guide details [supported database and versions](/developer-docs/latest/setup-deployment-guides/installation/cli.md#preparing-the-installation).
:::
## Configuration Structure
@@ -151,10 +151,6 @@ module.exports = ({ env }) => ({
:::::
-::: tip
-Take a look at the [database's guide](#databases-installation-guides) for more details.
-:::
-
## Configuration in database
Configuration files are not multi server friendly. So we created a data store for config you will want to update in production.
@@ -203,12 +199,13 @@ await pluginStore.set({
## Databases installation guides
-Strapi gives you the option to choose the most appropriate database for your project. It currently supports **PostgreSQL**, **SQLite**, **MySQL** and
-**MariaDB**. The following documentation covers how to install these databases locally (for development purposes) and on various hosted or cloud server solutions (for staging or production purposes). We will be providing additional installation guides for missing databases soon!
+Strapi gives you the option to choose the most appropriate database for your project. It currently supports **PostgreSQL**, **SQLite**, **MySQL** and **MariaDB**.
+
+The following documentation covers how to install SQLite locally (for development purposes):
-::: strapi Strapi deployment
-Deploying Strapi itself is covered in the [deployment guide](/developer-docs/latest/setup-deployment-guides/deployment.md).
+:::caution
+Installation guides for other databases (MySQL, MariaDB) are being reworked. [Contributions](https://github.com/strapi/documentation/blob/main/CONTRIBUTING.md) are most welcome.
:::
diff --git a/docs/developer-docs/latest/setup-deployment-guides/configurations/required/server.md b/docs/developer-docs/latest/setup-deployment-guides/configurations/required/server.md
index 5509758d3c..32744229e4 100644
--- a/docs/developer-docs/latest/setup-deployment-guides/configurations/required/server.md
+++ b/docs/developer-docs/latest/setup-deployment-guides/configurations/required/server.md
@@ -8,12 +8,36 @@ canonicalUrl: https://docs.strapi.io/developer-docs/latest/setup-deployment-guid
The `./config/server.js` is used to define server configuration for the Strapi application.
+## Available options
+
+The `./config/server.js` file can include the following parameters:
+
+
+
+| Parameter | Description | Type | Default |
+| --------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | -------------------------------------------------------------------------------------------------------------------------------- |
+| `host`
❗️ _Mandatory_ | Host name | string | `localhost` |
+| `port`
❗️ _Mandatory_ | Port on which the server should be running. | integer | `1337` |
+| `socket` | Listens on a socket. Host and port are cosmetic when this option is provided and likewise use `url` to generate proper urls when using this option. This option is useful for running a server without exposing a port and using proxy servers on the same machine (e.g [Heroku nginx buildpack](https://github.com/heroku/heroku-buildpack-nginx#requirements-proxy-mode)) | string \| integer | `/tmp/nginx.socket` |
+| `emitErrors` | Enable errors to be emitted to `koa` when they happen in order to attach custom logic or use error reporting services. | boolean | `false` |
+| `url` | Public url of the server. Required for many different features (ex: reset password, third login providers etc.). Also enables proxy support such as Apache or Nginx, example: `https://mywebsite.com/api`. The url can be relative, if so, it is used with `http://${host}:${port}` as the base url. An absolute url is however **recommended**. | string | `''` |
+| `proxy` | Set the koa variable `app.proxy`. When `true`, proxy header fields will be trusted. | boolean | `false` |
+| `cron` | Cron configuration (powered by [`node-schedule`](https://github.com/node-schedule/node-schedule)) | Object | |
+| `cron.enabled` | Enable or disable [CRON jobs](/developer-docs/latest/setup-deployment-guides/configurations/optional/cronjobs.md) to schedule jobs at specific dates. | boolean | `false` |
+| `cron.tasks` | Declare [CRON jobs](/developer-docs/latest/setup-deployment-guides/configurations/optional/cronjobs.md) to be run at specific dates. | boolean | `false` |
+
+## Configurations
+
+The `./config/server.js` file should at least include a minimal configuration with the `host` and `port` parameters. Additional parameters can be included for a full configuration.
+
+:::note
+[Environmental configurations](/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.md) (i.e. using the `env()` helper) do not need to contain all the values so long as they exist in the default `./config/server.js`.
+:::
+
::::: tabs card
:::: tab Minimal configuration
-## Minimal configuration
-
The default configuration created with any new project should at least include the following:
```js
@@ -25,22 +49,12 @@ module.exports = ({ env }) => ({
});
```
-:::note
-Environmental configurations (`env`) do not need to contain all these values so long as they exist in the default `./config/server.js`.
-:::
-
::::
:::: tab Full configuration
-## Full configuration
-
The following is an example of a full configuration file. Not all of these keys are required (see [available options](#available-options)).
-:::note
-Environmental configurations (`env`) do not need to contain all these values so long as they exist in the default `./config/server.js`.
-:::
-
```js
// path: ./config/server.js
@@ -60,21 +74,3 @@ module.exports = ({ env }) => ({
::::
:::::
-
-## Available options
-
-The `./config/server.js` file can contain the following parameters:
-
-
-
-| Parameter | Description | Type | Default |
-| --------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | -------------------------------------------------------------------------------------------------------------------------------- |
-| `host`
❗️ _Mandatory_ | Host name | string | `localhost` |
-| `port`
❗️ _Mandatory_ | Port on which the server should be running. | integer | `1337` |
-| `socket` | Listens on a socket. Host and port are cosmetic when this option is provided and likewise use `url` to generate proper urls when using this option. This option is useful for running a server without exposing a port and using proxy servers on the same machine (e.g [Heroku nginx buildpack](https://github.com/heroku/heroku-buildpack-nginx#requirements-proxy-mode)) | string \| integer | `/tmp/nginx.socket` |
-| `emitErrors` | Enable errors to be emitted to `koa` when they happen in order to attach custom logic or use error reporting services. | boolean | `false` |
-| `url` | Public url of the server. Required for many different features (ex: reset password, third login providers etc.). Also enables proxy support such as Apache or Nginx, example: `https://mywebsite.com/api`. The url can be relative, if so, it is used with `http://${host}:${port}` as the base url. An absolute url is however **recommended**. | string | `''` |
-| `proxy` | Set the koa variable `app.proxy`. When `true`, proxy header fields will be trusted. | boolean | `false` |
-| `cron` | Cron configuration (powered by [`node-schedule`](https://github.com/node-schedule/node-schedule)) | Object | |
-| `cron.enabled` | Enable or disable [CRON jobs](/developer-docs/latest/setup-deployment-guides/configurations/optional/cronjobs.md) to schedule jobs at specific dates. | boolean | `false` |
-| `cron.tasks` | Declare [CRON jobs](/developer-docs/latest/setup-deployment-guides/configurations/optional/cronjobs.md) to be run at specific dates. | boolean | `false` |
diff --git a/docs/user-docs/latest/settings/managing-global-settings.md b/docs/user-docs/latest/settings/managing-global-settings.md
index 3ac65a1c85..fe6f963e7c 100644
--- a/docs/user-docs/latest/settings/managing-global-settings.md
+++ b/docs/user-docs/latest/settings/managing-global-settings.md
@@ -57,7 +57,7 @@ To add a new locale:
## Managing API tokens
-API tokens allow users to authenticate their Content API queries (see [Developer Documentation](/developer-docs/latest/setup-deployment-guides/configurations/required/admin-panel.md#api-tokens)). Administrators can manage API tokens through the *Global settings > API Tokens* sub-section of the settings interface.
+API tokens allow users to authenticate their Content API queries (see [Developer Documentation](/developer-docs/latest/setup-deployment-guides/configurations/optional/api-tokens.md)). Administrators can manage API tokens through the *Global settings > API Tokens* sub-section of the settings interface.
diff --git a/docs/user-docs/latest/users-roles-permissions/configuring-administrator-roles.md b/docs/user-docs/latest/users-roles-permissions/configuring-administrator-roles.md
index 28bba0555c..bc237852c6 100644
--- a/docs/user-docs/latest/users-roles-permissions/configuring-administrator-roles.md
+++ b/docs/user-docs/latest/users-roles-permissions/configuring-administrator-roles.md
@@ -149,7 +149,7 @@ For each permission of each category, a **Settings** button is displayed. It all
- the administrator must have the same role as the creator.
::: note
-Other custom conditions can be available if they have been created beforehand for your Strapi application (see [Role-Based Access Control](/developer-docs/latest/setup-deployment-guides/configurations.md#role-based-access-control)).
+Other custom conditions can be available if they have been created beforehand for your Strapi application (see [Role-Based Access Control](/developer-docs/latest/setup-deployment-guides/configurations/optional/rbac.md).
:::
