API Tokens are used to authenticate each Mist API call to a particular user.
Each user has a role which authorizes the user to perform certain operations to the organization or site (ie: “administrator” or “read-only” roles).
Go to https://api.mist.com/api/v1/self/apitokens and click the
POST button to create a new token.
Store the key somewhere safe; the full API token string will not be revealed again!