An API Token is a randomly generated alpha-numeric string that’s used to authenticate different things in Postmark. It’s almost like a username and password all rolled into one.
In Postmark, there are two different kinds of API Tokens.
The Server API Token can be found in the Credentials tab in each of your Servers in Postmark. This is used for most functions in Postmark including your SMTP username and password, all API calls involving sending, querying sent messages, the Bounce API, and many other common tasks. Account Owners and Account Admins can see Server API Tokens for all of the Servers in an account. Server Admins can also view the Server API Tokens for Servers they are assigned to.
The Account API Token is required for API actions that only the Account Owner and Account Admin have access to. This includes: setting up new Servers, adding new Sender Signatures and creating new Templates. The Account API Token can be found on the API Tokens page in the Account section. Account Owners and Account Admins can see Account API Tokens, while Server Admins and Server Viewers cannot.