Personal access tokens function similar to session tokens and can be used by integrations to authenticate against the REST API. It is the most commonly used type of token for integrations.
Creating a Personal Access Token
1 - Enable personal access tokens
...
in System Console > Integrations > Custom Integrations in prior versions or System Console > Integrations > Integration Management in versions after 5.12.
2 - Identify the account you want to create a personal access token with. You may optionally create a new user account for your integration, such as for a bot account. By default, only System Admins have permissions to create a personal access token.
3 - To create an access token with a non-admin account, you must first give it the appropriate permissions. Go
...
to System Console > Users, search for the user account, and
...
select Manage Roles
...
from the dropdown.
4 -
...
Select Allow this account to generate personal access tokens.
You may optionally allow the account to post to any channel in your Mattermost server, including direct messages by choosing the post:all role. post:channels role allows the account to post to any public channel in the Mattermost server.
...