How to get token_auth programmatically

In the past I have automated the configuration of the WP-Matomo (WP-Piwik) plugin by getting the token_auth string for the user using a MySQL query and then setting the required variables using the WordPress CLI (see the Ansible tasks here).

However with Matomo 4.x the token_auth string is encrypted in the database so this won’t work.

Last year when asked about this on GitHub:

The answer given was to use the API:

You can find more info about APIs here:

Checkout UsersManager.getTokenAuth method to get token.

However that method is not in the list of UsersManaged methods, is there an undocumented method that can be used or is some PHP now needed to access the token_auth for a user?


Matomo 4 doesn’t have one token_auth per user any more, but allows every user to create as many API tokens as they like and revoke them seperatly.

The API to create those token is UsersManager.createAppSpecificTokenAuth as shown in the API docs.

1 Like

Thanks @Lukas, that method requires the password for the user account?

  • UsersManager.createAppSpecificTokenAuth (userLogin, passwordConfirmation, description, expireDate = ‘’, expireHours = ‘0’) [ No example available ]

If this is the case then it can’t be used without changing the users password in situations when one doesn’t have the users password?

In my case I won’t have the users password when I’m adding a site to an existing account.


It seems like it isn’t possible to create a token for another user (but I think it also wasn’t possible with Matomo 3)

1 Like

With Matomo 3.x I used a MySQL query to get the token_auth.