How to generate API key and token in IBM Watson IoT Platform

A network of devices all able to communicate with each other is a concept known as the Internet of Things (IoT). The Watson IoT Platform is an IBM Cloud service that is capable of helping you connect your IoT enabled device to the IBM Cloud. Watson IoT Platform can perform various tasks with the registered IoT device, such as remotely execute actions, collect data in real-time, or look up old data (with the Historian tool).

Learning objectives

This tutorial demonstrates how to create the API key and token that are essential to register your IoT-enabled device with IBM Cloud. The API key and token provide the device with a particular level of delegated access to your IBM Cloud organization. Only when an API key and token are created, is a registered device able to interact with an application.


Before beginning this tutorial, you need the following:

  • An IBM Cloud account. If not, sign up for an account
  • An instance of Watson IoT Platform, or create one from the IBM Cloud Services Catalog
  • A device or gateway already registered with the Watson IoT Platform. Or, register your devices or your gateways for the purpose of creating the API key and token for the platform.

Estimated time

It should take about thirty minutes to complete this how-to.


Creating a new API key and token with the Watson IoT Platform

Let’s get started by creating a new API key and token:

  1. Go to IBM Cloud, click Launch to open the IoT dashboard.


  2. On the left hand side of the dashboard, go to Apps.


  3. From the API Keys tab, click on the + Generate API Key button to generate a new API key and token.


    • An example of an API key: “a-organization_id-a84ps90Ajs”
    • An example of a token: “MP$08VKz!8rXwnR-Q*”
  4. Copy the generated API Key and token, then paste into an empty file or a blank note for later use. Note: the API key and token are not recoverable. Once you leave this page, you won’t be able to view them again. If you lose them, you can always create a new API key and token to replace these ones.


  5. Select one or multiple API Role(s), or keep Standard Application selected. For additional details, see the Watson IoT Platform Documentation.


  6. Optionally, enter a comment to identify the purpose of the API key and toke, or set an expiry date when the API key and token will become invalid. Click the Generate button at the bottom of the window, to finish the process.


  7. The API key and token are now created. The a- at the beginning of the API key stands for application.


Using the API key and token in your application

The Watson IoT Platform team provides client libraries for many popular programming languages. See the following public repositories for samples, documentation and supported features:

A simple example can be created in Node.js with a few lines of code:

var Client = require("ibmiotf");
var appClientConfig = {
    "org" : orgId,
    "id" : appId,
    "auth-key" : apiKey,
    "auth-token" : apiToken

var appClient = new Client.IotfApplication(appClientConfig);


Thanks for reading this how-to! We hope you have learned how to generate API keys for your IoT enabled devices to work on IBM Cloud.