The token_auth acts as your password and is used to authenticate in API requests. You can find the token_auth by logging in Piwik, then click on your username in the top menu, then click the link “API” in the left menu.

The token_auth is secret and should be handled very carefully: do not share it with anyone. Each Piwik user has a different token_auth.

When a user changes its password, the token_auth will be regenerated automatically.