Target Netbox 4.6 as version to begin support for v2 token header ready for v1 removal in Netbox 4.7
From Netbox Release notes
Improved API Authentication Tokens (netbox-community/netbox#20210)
This release introduces a new version of API token (v2) which implements several security improvements. HMAC hashing with a cryptographic pepper is used to authenticate these tokens, obviating the need to store plaintexts. The new tokens also employ a non-sensitive key which can be shared to identify tokens without divulging their plaintexts. We've also adopted the standard "bearer" HTTP header format, as shown below.
# v1 token header
Authorization: Token <TOKEN>
# v2 token header
Authorization: Bearer nbt_<KEY>.<TOKEN>
Note that v2 token keys are prefixed with the fixed string nbt_, which can be used to aid in secret detection.
Backward compatibility with legacy (v1) tokens is retained in this release. However, users are strongly encouraged to begin using only v2 tokens, as support for legacy tokens will be removed in NetBox v4.7.
netbox-community/netbox#20210
Target Netbox 4.6 as version to begin support for v2 token header ready for v1 removal in Netbox 4.7
From Netbox Release notes
Improved API Authentication Tokens (netbox-community/netbox#20210)
This release introduces a new version of API token (v2) which implements several security improvements. HMAC hashing with a cryptographic pepper is used to authenticate these tokens, obviating the need to store plaintexts. The new tokens also employ a non-sensitive key which can be shared to identify tokens without divulging their plaintexts. We've also adopted the standard "bearer" HTTP header format, as shown below.
Note that v2 token keys are prefixed with the fixed string nbt_, which can be used to aid in secret detection.
Backward compatibility with legacy (v1) tokens is retained in this release. However, users are strongly encouraged to begin using only v2 tokens, as support for legacy tokens will be removed in NetBox v4.7.
netbox-community/netbox#20210