How to Get the Plex Token

All requests from Plex clients to a Plex server require a Plex authentication token. The Plex token is what determines if a user or device has been authorized to access the Plex server.

While most users won’t need to worry about or use the Plex token, if you wish to create an application or script that calls the Plex API commands, you will need to provide a Plex token.

How to Get the Plex Token

Table of contents

What is the Plex token?
What can you do with a Plex token?
The server token
The device token
The current user's token
All tokens
The claim token
Invalidate all tokens
The transient token

What is the Plex token?

The Plex token is used to authenticate a device with your Plex server. When you are signed into your Plex Media Server, the device you using is assigned a token.

The device token is used to make requests to the Plex server.

Each device you sign into with your account will receive a different token. For example, if you sign into Plex on two different browsers on the same system, each browser would have a different Plex token.

The good news is that you only need one token to use with the Plex API – as long as the token is valid. So once you sign into Plex, you can just grab the token and use it to access Plex.

There are multiple tokens used by Plex, as well as multiple ways of getting a Plex token.

What can you do with a Plex token?

The Plex token assigned to a device that can access your Plex server can be used for a few functions. The first was mentioned earlier: to access the Plex Media Server API commands.

Each Plex API command requires the Plex token to be provided for authentication. When a valid token is provided, the user can get information about the Plex server. An invalid token will return an unauthorized error.

A second function that can be used is to download the latest Plex version. The Plex Server Auto Updater is a tool used to update Plex when it is run as a Windows service. It reads the token from the Windows registry and uses it to download the latest version of Plex Media Server.

The next few sections will explain the different Plex tokens and how to get each of them.

The server token

Each server you have associated with your Plex account is assigned a token. This token should be considered the administrative token, if that were a thing, as it can be used with any API request to the Plex server.

If you know the token for a Plex server, you can do anything on that server.

This server token is stored with the Plex settings and is only available by directly accessing your Plex server. If you have access to your server, you can find the Plex token easily.

Location of the server token

The Plex token for your server is stored in a location that is dependent on what operating system you use for your Plex server:

Location of the Plex Server Token
Operating SystemLocation
WindowsHKEY_CURRENT_USER\Software\Plex, Inc.\Plex Media Server
Value: PlexOnlineToken
MacOS~/Library/Preferences/com.plexapp.plexmediaserver.plist
Key: PlexOnlineToken
Linux$PLEX_HOME/Library/Application Support/Plex Media Server/Preferences.xml
Value: PlexOnlineToken
Debian, Fedora, Ubuntu, and CentOS/var/lib/plexmediaserver/Library/Application Support/Plex Media Server/Preferences.xml
Value: PlexOnlineToken

How to reset the server token

While you shouldn't need to reset your Plex server token often, you can do so easily if you have direct access to your server.

If you do reset your server's Plex authentication token, you will need to reclaim your Plex server for your Plex account.

To reset your server's Plex authentication token, you would need to do the following:

  1. Log into your Plex server.
  2. Open the settings location as described in the previous section.
  3. Delete the following values from the settings:
    • PlexOnlineHome (this setting will only be available if you are using the Plex Home managed users feature.)
    • PlexOnlineMail
    • PlexOnlineToken
    • PlexOnlineUsername
  4. Restart Plex, and then claim your server for your Plex.tv account.

An additional method is to remove the server from your Plex account, which will invalidate the token associated with that server.

Reclaiming your Plex server should have regenerated a new authentication token for your Plex server. The old authentication token is now invalid.

The device token

Once you are signed into your Plex Media Server as an admin, it is easy to get the Plex token for the current device. To get the token, use the following steps:

  1. Open a Web browser and navigate to your Plex server and access the server using an ID that has full access to the server and click on any individual media item. Do not click on a collection.
    Select an Individual Media Item in Plex
    Select an individual media item in Plex.
  2. With the item available, click the three dots to display a context menu, and then click the Get Info option.
    Plex Get Info option
    Get info for an item in Plex Media Server.
  3. The information window about the item will appear. In the lower-left corner, click the View XML link.
    Plex View XML option
    View XML in Plex Media Server.
  4. The XML data for the item will appear in the browser window. The Plex Token will be shown at the end (far right) of the URL.
    Plex Token in URL
    Plex token displayed in URL.

Now that you have the token, you can copy it and use it within the Plex API commands to return information about the Plex server.

The steps outlined above can only be done by a Plex user with full access to the server, not from other user accounts. This is because the Get Info and the View XML link are only visible to a user with full permissions.

The current user's token

Each user is assigned a Plex token and that token is used to make requests to the Plex server. Getting the token for the currently logged in non-administrative user requires a bit more effort, but can be found.

The reason it requires a bit more effort is because the "View XML" option is not available for non-administrative users.

If you are logged in as an administrator, then the following steps will get the device token, which is the same token you get when following the steps in the previous section.

Use the following steps to get the Plex token for the current user:

  1. Open a Web browser and navigate to your Plex server and click on any individual media item. Do not click on a collection.
    Select an Individual Media Item in Plex
    Select an individual media item in Plex.
  2. Open the Developer Tools for the Web browser. For Chrome, and Chromium browsers, and the Firefox browser, you would type F12 on most browsers. Click the Network tab.
    Network Tab in Browser Developer Tools
    The Network tab in the browser developer tools.
  3. With the item available, click the three dots to display a context menu, and then click the Get Info option.
    Plex Get Info option
    Get info for an item in Plex Media Server.
  4. The request for the Get Info will appear in the Network tab list. Click the request and the user's Plex token will appear in the Request URL value as the value of the X-Plex-Token parameter.
    Plex Token for the Current User
    The Plex token for the current user.

All tokens

To authenticate with Plex, all devices and users authorized on a Plex server have their own Plex token.

By using the Plex server token, you can send a request to plex.tv to get tokens for all users and devices authorized to access your Plex server.

To get all tokens authorized to access your Plex server, use the following steps:

  1. Follow the steps outlined in The Plex server token section above to get the server token. Copy this token as it will be used in the next step.
  2. In the address bar of a Web browser, enter the following URL:
    https://plex.tv/api/v2/server/access_tokens?auth_token={server_token}
    Replace server_token with the token you found in step 1.
  3. Press enter to have the browser request the URL and return XML data.

The XML data that is returned will list all devices authorized for your server along with their token (the token= contains the token for the device).

Below the device list are additional tokens that have a type server and then an invited element. Each token/invited pair is one user associated with your account.

The Plex token for that user is listed in the parent token element for the invited element associated with the user.

The claim token

In addition to the Plex token, there is a second token that is used to claim a Plex server. This token is called the claim token.

When you claim a server, a request is sent to plex.tv to generate a claim token. The response from that request is the actual token. The request includes your Plex token, which means the claim token is tied to your account.

That claim token is then sent to the Plex server during the Plex claim request to indicate the server is to be associated with your account.

This is the only time you will need the claim token as it isn't used to communicate with either your Plex server or plex.tv after it is used to claim a server.

For more information on the claim token can be found by reading Claim your Plex server using the API.

Invalidate all tokens

You may need to make the tokens associated with your Plex server invalid. Since they are used to authenticate to your server, you may have found one that is being misused.

Making your tokens invalid isn’t something most users will need to do very often but the option is available.

To invalidate all the tokens associated with your Plex instance, do the following:

  1. Open a Web browser and navigate to your Plex account profile.
  2. Click the Edit link next to the Password option.
  3. After filling in the new password fields and the current password, check the Sign out connected devices after password change checkbox.

After performing the above steps, all tokens previously associated with your account will now be invalid. This means that all servers and clients will no longer be connected to your Plex account. You will need to claim your Plex server to have it associated with your account.

The transient token

You can generate a temporary Plex transient token using the Transient Token API command. This token will have the same access level as the token used to make the API request.

Unlike a server or device Plex token, a transient token is valid for only 48 hours. Restarting the Plex server will also cause the transient token to become invalid.

Most Plex server owners won't need to use a transient token, but if you are in need of a token that will have a limited lifetime or would like a token you can invalidate when needed, then you can use a generated transient token.

The above sections talked about what is the Plex token, where to get the Plex token, and how to make the tokens associated with your account invalid. While most users of Plex won’t have a need for the Plex token, it is available if you would like to do more with your server.

Subscribe
Display